I believe that most browsers and even some TELNET/FTP/SMTP clients that support START_TLS will allow the certificate to be saved as an authenticator of the host provided that the certificate is not a self-signed cert. If you do not want to use a commercial CA, then you should generate your own CA cert plus one End Entity cert signed by your CA cert. Use the End Entity cert for your service. This process could easily be added to the makefile for Apache or even OpenSSL.

- Jeff


Perry E. Metzger wrote:

I have to say I've watched this with a bit of puzzlement.

Meet in the middle attacks are perfectly real. I've seen them myself,
and toolkits to perform them are readily available out there. Ian's
vague comments about a lack of evidence of the economic impact
notwithstanding, it is unreasonable to leave one's protocols and
systems open to such attacks.

You do not need an elaborate CA infrastructure to prevent them, of
course. SSH manages to prevent them simply by having both sides sign
exchanges using naked (i.e. uncertified) keys that are pre-shared, for
example. Even use of MACs over exchanged values and pre-shared
conventional keys can prevent many such attacks.

However, not attempting to prevent such attacks -- especially given
that they are very effective -- seems foolish at best.
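
The point above about MACs over exchanged values and pre-shared keys, sketched as an added example (not code from either poster): two sides exchange Diffie-Hellman values and each MACs its own view of the exchange, so a substituted value makes the views disagree. The modulus `2**255 - 19`, the function names and the `tamper` hook are assumptions for the demonstration; the modulus is not a vetted Diffie-Hellman group.

```python
import hashlib
import hmac
import secrets

P = 2**255 - 19  # assumption: demonstration-only prime modulus, not a vetted DH group
G = 2


def keypair():
    """Return (private exponent, public value) for one side."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def tag(psk, role, pub_a, pub_b):
    """MAC that binds the sender's role and both exchanged values to the pre-shared key."""
    msg = role + b"|" + pub_a.to_bytes(32, "big") + pub_b.to_bytes(32, "big")
    return hmac.new(psk, msg, hashlib.sha256).digest()


def handshake(psk_a, psk_b, tamper=None):
    """Run one exchange between A and B.

    tamper(pub) models a rewrite of a public value in transit (constructed
    test hook). Returns the 32-byte session key, or None if either side
    rejects the peer's MAC.
    """
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()

    # What each side actually receives from the network.
    a_pub_at_b = tamper(a_pub) if tamper else a_pub
    b_pub_at_a = tamper(b_pub) if tamper else b_pub

    # Each side MACs its own view: (A's value, B's value).
    tag_a = tag(psk_a, b"A", a_pub, b_pub_at_a)
    tag_b = tag(psk_b, b"B", a_pub_at_b, b_pub)

    # Each side recomputes the peer's tag from its own view and compares.
    ok_at_b = hmac.compare_digest(tag_a, tag(psk_b, b"A", a_pub_at_b, b_pub))
    ok_at_a = hmac.compare_digest(tag_b, tag(psk_a, b"B", a_pub, b_pub_at_a))
    if not (ok_at_a and ok_at_b):
        return None  # views differ or keys differ: abort before using the secret

    shared = pow(b_pub_at_a, a_priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()
```
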


