Mutual authentication


Mutual authentication, or two-way authentication, refers to two parties authenticating each other at the same time. It is the default mode of authentication in some protocols (IKE, SSH) and optional in others (TLS).

By default, the TLS protocol only proves the identity of the server to the client, using an X.509 certificate; authentication of the client to the server is left to the application layer. TLS also offers client-to-server authentication using client-side X.509 authentication.[1] Because it requires provisioning certificates to the clients and involves a less user-friendly experience, it is rarely used in end-user applications.
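The client-side X.509 authentication described above, as an added Go example that is not part of the original article: a server configured to require a client certificate, handshaking once with a client that has one and once with a client that has none. The names `Issue` and `ServerSees`, the hostnames and the throwaway certificates are assumptions constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"net"
	"time"
)

// Issue builds a throwaway (constructed) certificate for cn; nil parent = self-signed CA.
func Issue(cn string, parent *tls.Certificate) tls.Certificate {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), IsCA: parent == nil,
		Subject: pkix.Name{CommonName: cn}, DNSNames: []string{cn}, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	signer, signKey := t, any(key)
	if parent != nil {
		signer, signKey = parent.Leaf, parent.PrivateKey
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, signer, pub, signKey)
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// ServerSees handshakes with a server that requires a client cert from ca; returns the client CN.
func ServerSees(ca, server tls.Certificate, client ...tls.Certificate) (string, error) {
	pool := x509.NewCertPool()
	pool.AddCert(ca.Leaf)
	srvCfg := &tls.Config{Certificates: []tls.Certificate{server}, ClientCAs: pool,
		ClientAuth: tls.RequireAndVerifyClientCert, SessionTicketsDisabled: true}
	cliCfg := &tls.Config{RootCAs: pool, ServerName: server.Leaf.DNSNames[0], Certificates: client}
	c, s := net.Pipe() // unbuffered pipe: tickets are off so the server never blocks writing them
	defer s.Close()
	go tls.Client(c, cliCfg).Read(make([]byte, 1)) // client handshake, then wait for the verdict
	srv := tls.Server(s, srvCfg)
	if err := srv.Handshake(); err != nil {
		return "", err
	}
	return srv.ConnectionState().PeerCertificates[0].Subject.CommonName, nil
}

func main() {
	ca := Issue("Example CA", nil)
	_, err := ServerSees(ca, Issue("server.example", &ca)) // the client offers no certificate
	println("server rejected the client:", err != nil)
}
```

With Go's default `ClientAuth` value, `tls.NoClientCert`, the same server would complete the handshake without learning who the client is, which is the server-only mode the paragraph describes.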

Mutual TLS authentication (mTLS) is much more widespread in business-to-business (B2B) applications, where a limited number of programmatic and homogeneous clients connect to specific web services, the operational burden is limited, and security requirements are usually much higher than in consumer environments.

"Better institution-to-customer authentication would prevent attackers from successfully impersonating financial institutions to steal customers' account credentials; and better customer-to-institution authentication would prevent attackers from successfully impersonating customers to financial institutions in order to perpetrate fraud" (Financial Services Technology Consortium, 2005)

Most mutual authentication is machine-to-machine, leaving it up to chance whether or not users will notice (or care) when the remote authentication fails (e.g. a red address bar browser padlock, or a wrong domain name). Non-technical mutual authentication also exists to mitigate this problem, requiring the user to complete a challenge, effectively forcing them to notice, and blocking them from authenticating with a false endpoint.

Mutual authentication is of two types:

  1. Certificate based
  2. User name-password based

See also

  • Computer security
  • Digital signature
  • Mobile signature
  • Pharming
  • Secure channel
  • Two-factor authentication

References

1. Tim Dierks. "The Transport Layer Security (TLS) Protocol Version 1.2". tools.ietf.org. https://tools.ietf.org/html/rfc5246#section-7.4.6. Retrieved 2016-04-22.

External links

  • Two types of Mutual Authentication: https://docs.oracle.com/cd/E19798-01/821-1841/bncbt/index.html