Hello, I'm working on analyzing TLS 1.3 traffic and I'm focusing on certificate messages. The certificate in TLS 1.3 are sent in an encrypted form and I'm extracting the length of these certificates for further analysis. I want to know If for a given server the certificate length will always be the same or no? (We don't take in consideration session resumption case)
I want to know If for a given server the certificate length will always be the same
X.509 certificates have an expiration date so the answer is no, the certificate will not always be the same so it follows the length may not always be the same. It could also be revoked prior to expiration, necessitating the acquisition of a new certificate (and possibly a new chain, all with possibly varying lengths). However, for any given short period of time, they will likely be constant. Short is relative - it is most likely up to the expiration time at least, but it can't be guaranteed. Whether or not this short period is good enough is completely dependent on the problem at hand.
Of course, if it is your server, and you make a certificate/pki infrastructure that lasts forever (my definition of forever is anything past my retirement age) and you choose to never change the credentials, then you could claim the certificate length will never change.
Asked: 2020-05-04 15:05:43 +0000
Seen: 437 times
Last updated: May 04 '20
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
