For any consumer of http.sys (be it IIS7.5 unmanaged code, a self hosted WCF service, or some dotNET socket using .NET SSL classes), how do i REMOVE the dependency on windows cert stores - when ACCEPTING the client cert in the SSL handshake?
My project has the browser (or any other https client) provide self-signed client certs (and certverify signatures) to the http.sys endpoints using the usual SSL/TLS SSL handshake protocol. Its all perfectly normal - except that the self-signed client cert is UNKNOWN to any windows cert store. Its NOT a PKI-centric solution/protocol, that is. The cert is not rooted in a root/enterprise trust store, and the cert is NOT present in the trusted people store. The cert is simply not known about, before the SSL handshake commences. SSL handshake needs to simply verify the signature, and pass up the cert blog to a higher layer (user space, IIS script, etc).
(The project is a formal W3C incubator research effort, FYI, intending to push the envelope).
There may be dollars available if its possible to insert a driver/interceptor int the kernel that should change the https.sys behaviour of SSL client certs (and cert store lookup, and any use of wintrust API). We bascially want/need to TURN off the higher assurance ontrols of windows/shcannel/http.sys, allowing the service endpoint to make its OWN trust decisions - using alternative technologies to PKI under development.
we are still very hazy on the scope of all this. We dont know if it’s shcannel that is imposing the cert store andor wintrust dependency (and perhaps shcannel in kernel mode can be tweaked) or http.sys. thus, we dont even know IF a drive could intercept and alter behaviour. For obvious reasons, one would want that driver signed!