Julien Pierre wrote:

Ben Bucksch wrote:

Actually, that probably wouldn't even be that hard, I don't need to be a government for that, I'd only need to be able to listen to (and maybe intercept) your mailbox (that's exactly the problem that crypto tries to solve, right?), in that case I could apply for a Class 1 certificate (only validates email mailbox) from any CA, catch and respond to the verification mail to your mailbox, and then use that new certificate to pose as you in email towards your correspondents. Given what you said, they wouldn't notice the certificate change, answer me encrypted with the new key, I would catch the email from your mailbox again, decrypt it using my fake cert and be done. Attack successful.

Correct, that would be a successful attack, and nothing can stop it today.

If you reject the proposal to enforce continuity of certs, how about Ian Grigg's suggestion of a counter of how much a cert has been used? If the counter for a frequent and critical correspondent suddenly drops, I can at least be alerted and check what's up.


_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
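
The use counter suggested in the message above, sketched as an added example (it is not part of the original post or of any mail client's code): a per-correspondent tally of certificate fingerprints that raises an alert when a message arrives under a certificate with far less history than the one usually seen. The class and function names, the two thresholds, the address and the fingerprints are all assumptions constructed for illustration.

```python
from collections import defaultdict

MIN_HISTORY = 5   # assumed: uses before a correspondent's cert counts as established
DROP_RATIO = 0.2  # assumed: alert when the presented cert has under 20% of that history


class CertUseTracker:
    """Per-correspondent count of how often each certificate has been seen."""

    def __init__(self):
        self.uses = defaultdict(lambda: defaultdict(int))  # sender -> fingerprint -> count
        self.verified = set()  # (sender, fingerprint) pairs confirmed out of band

    def mark_verified(self, sender, fingerprint):
        """Record that the user checked this cert with the correspondent directly."""
        self.verified.add((sender, fingerprint))

    def observe(self, sender, fingerprint):
        """Record one signed message; return an alert string or None."""
        seen = self.uses[sender]
        prior = seen[fingerprint]  # uses of this cert before this message
        # Highest use count among this sender's *other* certificates.
        established = max((n for fp, n in seen.items() if fp != fingerprint), default=0)
        seen[fingerprint] = prior + 1
        if (sender, fingerprint) in self.verified:
            return None
        if established >= MIN_HISTORY and prior < established * DROP_RATIO:
            return (f"{sender}: cert {fingerprint} used {prior}x before, "
                    f"usual cert used {established}x; verify out of band")
        return None


def replay(tracker, messages):
    """Feed (sender, fingerprint) pairs through the tracker, collecting alerts."""
    return [a for s, fp in messages if (a := tracker.observe(s, fp))]


# Constructed sample: 40 messages under one cert, then a different cert appears.
SAMPLE = [("julien@example.org", "AA:11")] * 40 + [("julien@example.org", "BB:22")]

if __name__ == "__main__":
    for alert in replay(CertUseTracker(), SAMPLE):
        print(alert)
```

A legitimate renewal triggers the same alert as a substituted certificate; the counter only tells the user when to check, and `mark_verified` records the outcome of that check.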
