Nelson Bolyard wrote:
John Gardiner Myers wrote:
The key threat is that an attacker is able to present a cert signed (possibly indirectly) by the CA's private key and containing a fraudulent value in a field that the user of the browser relies on. Which fields those are is debatable, but the key fields are definitely the server DNS name and S/MIME email address.
I have several issues with that statement of a threat model.
Yes, so do I. I'd say that the critical threat is that an attacker can bypass the CA security model totally by sending a spoofed address. This will remain easy to do until browsers start to engage the user in security displays such as the branding idea; that way, a user can be encouraged to notice that the security model is being bypassed.
Mind you, I have seen the above threat in practice, when a spoof was aimed at a DGC [1]. In this case, it was highly unusual as the attacker actually used HTTPS with an SSL cert to set up the spoof site.
It was highly illusory - I recognised the https approach straight away because most spoofs do not use https. So I spent some time trying it out and couldn't figure out why the browser seemed to be accepting the cert without alerting me that the name didn't match... Until suddenly it dawned on me - the name wasn't "wrong", and the cert was a properly issued certificate, but for a different name.
What had happened was that the spoofer had acquired a domain and cert for "X-backend" and had attacked a site called "X". The changed name was sufficiently familiar that it fooled me.
It's for attacks like these (there are lots of variations) that we want to see a count of visits displayed prominently in the branding box.
1. As I mentioned in another post in this group, a cert is a signed statement from a cert issuer, certifying the binding of a name or names to a public key. The statement is either true or false. If any part of it is false, then the statement is false. I would not say that the statement contains a fraudulent value. The presentation of such a false statement is (or may be) an act of fraud.
I'm not sure it is valuable to say that a statement is either true or false, as statements can be both true and false, depending on the assumptions made.
It is perhaps more useful to concentrate on saying that a statement can be relied upon or not (which more usefully surfaces the rate of confidence).
iang
[1] DGC is Digital gold currency, such as e-gold.com or goldmoney.com. These institutions are facing a lot more attacks than the normal banks, partly because the funds once scarfed are much more difficult to get back.

_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
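The "X-backend" incident above, and the visit-count branding box proposed as a response to it, can be modelled in a few lines. The example below is added here and is not code from the thread or from any browser; it assumes constructed certificates represented only by their SAN list and an opaque byte string standing in for the DER fingerprint, and a hypothetical `BrandingBox` store keyed on (hostname, certificate fingerprint). It shows the point of the story: the standard hostname check passes for the attacker's own, properly issued certificate, and only the per-identity visit count gives the user a cue.

```python
import hashlib

# Constructed sample "certificates" (not real X.509): each one is just its
# dNSName SAN list plus opaque bytes whose hash stands in for the fingerprint.
GENUINE_CERT = {"san": ["bank.example", "www.bank.example"], "der": b"constructed-der-1"}
LOOKALIKE_CERT = {"san": ["bank-backend.example"], "der": b"constructed-der-2"}


def hostname_matches_san(hostname, san_names):
    """RFC 6125-style dNSName match: exact label match, or one leftmost wildcard label."""
    host = hostname.lower().rstrip(".")
    for pattern in san_names:
        p = pattern.lower().rstrip(".")
        if p.startswith("*."):
            suffix = p[1:]  # "*.bank.example" -> ".bank.example"
            prefix = host[: -len(suffix)] if host.endswith(suffix) else ""
            # The wildcard may only stand for a single, non-empty label.
            if prefix and "." not in prefix:
                return True
        elif p == host:
            return True
    return False


def fingerprint(cert):
    """Stand-in for the SHA-256 fingerprint of the DER-encoded certificate."""
    return hashlib.sha256(cert["der"]).hexdigest()


class BrandingBox:
    """Hypothetical per-profile store of how often each site identity was seen.

    The identity is the (hostname, certificate fingerprint) pair, so a new cert
    for a familiar name and a new name under a valid cert both count as "NEW".
    """

    def __init__(self):
        self._visits = {}

    def visit(self, hostname, cert):
        if not hostname_matches_san(hostname, cert["san"]):
            # The ordinary browser check already fails here; nothing is recorded.
            return {"hostname": hostname, "name_ok": False, "visits_before": 0, "level": "MISMATCH"}
        key = (hostname.lower(), fingerprint(cert))
        seen = self._visits.get(key, 0)
        self._visits[key] = seen + 1
        level = "NEW" if seen == 0 else "KNOWN"
        return {"hostname": hostname, "name_ok": True, "visits_before": seen, "level": level}


def scenario():
    """Five visits to the real site, then the lookalike, then a genuine mismatch."""
    box = BrandingBox()
    history = []
    for _ in range(5):
        history.append(box.visit("bank.example", GENUINE_CERT))
    # Attacker's own domain with its own validly issued cert: name_ok is True,
    # exactly as in the thread, but the visit count is zero.
    history.append(box.visit("bank-backend.example", LOOKALIKE_CERT))
    # Same cert presented for the real name: this is the case browsers do catch.
    history.append(box.visit("bank.example", LOOKALIKE_CERT))
    return history


if __name__ == "__main__":
    for entry in scenario():
        print(f"{entry['hostname']:22} name_ok={entry['name_ok']!s:5} "
              f"visits_before={entry['visits_before']} -> {entry['level']}")
```

The design choice worth noting is the key: counting visits per hostname alone would not flag a CA-issued certificate swap for a familiar name, and counting per certificate alone would reset on every routine renewal; the pair does what the branding box is meant to do, which is make "you have never been here before" visible even when every cryptographic check passes.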
