Advanced Client/Server Authentication in TLS

Many business transactions on the Internet occur between strangers, that is, between entities with no prior relationship and no common security domain. Traditional security approaches based on identity or capabilities do not solve the problem of establishing trust between strangers. New approaches to trust establishment are required that are secure, scalable, and portable. One new approach to mutual trust establishment is trust negotiation, the bilateral exchange of digital credentials to establish trust gradually. This paper describes the Trust Negotiation in TLS (TNT) protocol, an extension to the TLS handshake protocol that incorporates recent advances in trust negotiation into TLS to provide advanced client/server authentication in TLS. In this paper we describe the current limitations in TLS client/server authentication with respect to trust establishment, and show how the TNT protocol overcomes them. We also describe our implementation of TNT, built using PureTLS, a Java TLS package that is freely available. This implementation is the first to provide confidential trust negotiation, verification of private keys during trust negotiation, and a single trust negotiation protocol supporting interoperable trust negotiation strategies.