On Monday, August 28, 2017 at 1:15:55 AM UTC-7, Nick Lamb wrote:
> I think that instead Ryan H is suggesting that (some) CAs are taking advantage of multiple geographically distinct nodes to run the tests from one of the Blessed Methods against an applicant's systems from several places on the Internet at once. This mitigates against attacks that are able to disturb routing only for the CA or some small corner of the Internet containing the CA. For example my hypothetical 17 year-old at the ISP earlier in the thread can't plausibly also be working at four other ISPs around the globe.
>
> This is a mitigation not a fix because a truly sophisticated attacker can obtain other certificates legitimately to build up intelligence about the CA's other perspective points on the Internet and then attack all of them simultaneously. It doesn't involve knowing much about Internet routing, beyond the highest level knowledge that connections from very distant locations will travel by different routes to reach the "same" destination.

Thanks, Nick, that is exactly what I was saying.
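
The multi-vantage check discussed in this thread can be sketched as a quorum decision over per-vantage results. This is an added example, not part of the original messages or any CA's code; the vantage and network labels, the token value and the thresholds are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Observation:
    vantage: str           # hypothetical label for a validation node
    network: str           # hypothetical label for the upstream network it sits behind
    token: Optional[str]   # challenge value seen from that node, None if the fetch failed

def single_vantage(expected, observations, vantage):
    """Decision a CA would reach if it validated from one node only."""
    return any(o.vantage == vantage and o.token == expected for o in observations)

def multi_vantage(expected, observations, min_networks=3, max_dissent=0):
    """Pass only if enough distinct networks saw the expected value.

    Networks are counted rather than nodes: several nodes behind one
    upstream share one route and therefore one point of interference.
    """
    agree = {o.network for o in observations if o.token == expected}
    dissent = sorted(o.vantage for o in observations if o.token != expected)
    return {
        "passed": len(agree) >= min_networks and len(dissent) <= max_dissent,
        "agreeing_networks": sorted(agree),
        "dissenting": dissent,  # worth logging: disagreement is itself a signal
    }

# Constructed sample data (not real measurements).
EXPECTED = "constructed-challenge-token"
HONEST = [
    Observation("ca-local", "net-A", EXPECTED),
    Observation("eu-1", "net-B", EXPECTED),
    Observation("ap-1", "net-C", EXPECTED),
    Observation("sa-1", "net-D", EXPECTED),
]
# Routing disturbed only near the CA: the local node sees the expected value,
# the distant nodes reach the real host, which does not serve it.
LOCAL_DISTURBANCE = [
    Observation("ca-local", "net-A", EXPECTED),
    Observation("eu-1", "net-B", None),
    Observation("ap-1", "net-C", None),
    Observation("sa-1", "net-D", "unrelated-page-body"),
]
# Four nodes that all share one upstream add no routing diversity.
SAME_NETWORK = [Observation(f"node-{i}", "net-A", EXPECTED) for i in range(4)]

if __name__ == "__main__":
    for name, obs in [("honest", HONEST), ("local", LOCAL_DISTURBANCE), ("same-net", SAME_NETWORK)]:
        print(name, single_vantage(EXPECTED, obs, obs[0].vantage), multi_vantage(EXPECTED, obs))
```

As the quoted message notes, this raises the cost of an attack rather than removing it: the check still passes if every counted network is disturbed at once.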