On 19/2/09 16:39, Benjamin Smedberg wrote:
> http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
>
> Other than this specific attack, what are the concerns about wildcards that
> would make us take such a drastic action?
>
> It sounds to me that we could and should fix this bug simply by disabling
> punycode for the wildcard portion.

The issue is one of cross-area complexity. Punycode is "powerful" and
so are wildcards. By themselves, they are ok, and they work "on paper".
But when you combine them, there are possible weird interactions. As
the paper showed, there are ways in which you can combine these things
to create a good attack.
To a large extent, there may be some merit in establishing a principle
or criteria, such as Eddy is pointing towards:
* powerful features are only available to well-verified people.
  + wildcards
  + punycode
  + codesigning
(That's just a hypothetical.)
iang
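
Added example, not part of the original message and not Mozilla code: one reading of "disabling punycode for the wildcard portion" is to keep any label matched only by `*` in its ASCII form while still decoding labels the certificate names explicitly. The function name `display_name`, the rule that a wildcard covers only the single leftmost label, and the use of Python's built-in `idna` codec (IDNA 2003) are assumptions; the hostnames in the comments are constructed.

```python
# Added illustration. Assumptions: "*" is only valid as the whole leftmost
# label and covers exactly one label; Python's built-in "idna" codec stands
# in for a browser's IDN decoder.

def _to_unicode(label: str) -> str:
    """Decode one A-label (xn--...) to Unicode; other labels pass through."""
    if not label.startswith("xn--"):
        return label
    try:
        return label.encode("ascii").decode("idna")
    except UnicodeError:
        return label  # undecodable: keep the raw ASCII form


def display_name(hostname: str, cert_name: str) -> str:
    """Return the text to show a user for `hostname`, given the certificate
    name `cert_name` that authenticated it.

    A label that matches the certificate literally may be rendered as
    Unicode. A label matched only by "*" is not named in the certificate,
    so it is left in punycode form.
    """
    host = hostname.lower().rstrip(".").split(".")
    cert = cert_name.lower().rstrip(".").split(".")
    if len(host) != len(cert) or "*" in cert[1:]:
        raise ValueError("certificate name does not cover hostname")
    shown = []
    for h, c in zip(host, cert):
        if c == "*":
            shown.append(h)               # wildcard portion: never decoded
        elif h == c:
            shown.append(_to_unicode(h))  # named in the cert: may decode
        else:
            raise ValueError("certificate name does not cover hostname")
    return ".".join(shown)


if __name__ == "__main__":
    # Constructed names: the same IDN label under a wildcard and named exactly.
    print(display_name("xn--bcher-kva.example.com", "*.example.com"))
    print(display_name("xn--bcher-kva.example.com", "xn--bcher-kva.example.com"))
```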