On Sun, Dec 8, 2013 at 12:40 PM, Drak <d...@zikula.org> wrote: > Let me clarify. SSL renders BGP redirection useless because the browser > holds the signatures of CA's it trusts: an attacker cannot spoof a > certificate because it needs to be signed by a trusted CA: that's the point > of SSL, it encrypts and proves identity, the latter part is what thwarts > MITM. If there was an MITM the browser screams pretty loudly about it with a > big threat warning interstitial.
Sadly this isn't true: There are (many) CAs which will issue a certificate (apparently sometime within minutes, though last certificate I obtained took a couple hours total) to anyone who can respond to http (not https) requests on behalf of the domain from the perspective of the CA. This means you can MITM the site, pass all traffic through except the HTTP request from the CA, and start intercepting once the CA has signed your certificate. This works because the CA does nothing to verify identity except check that the requester can control the site. If you'd like to me to demonstrate this attack for you I'd be willing— I can provide a proxy that passes on :80 and :443, run your traffic through it and I'll get a cert with your domain name. I'm sorry for the tangent here— I think this sub-discussion is really unrelated to having Bitcoin.org behind SSL— but "someone is wrong on the internet", and its important to know that SSL hardly does anything to reduce the need to check the offline signatures on the binaries. ------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development