Nelson B wrote:
....
Just over a year ago, someone published an article in a quarterly
journal exposing just how easy it is to hijack the email for a domain.
Read a draft of it at http://files.juraj.bednar.sk/CA
An interesting read. He brings up an awful lot
of problems.
Using a combination of techniques is probably
as good as it gets. But even then, this is not
going to stop a fraudulent issue. What's worse,
it may discriminate in ways that we would rather
avoid, given MF's mission to deliver to the world.
Digression: I lived for 4 years in a country without
streetnames. There were no addresses, because
there was no postal delivery. If you wanted to get
mail you had to go order a post office box or share
one. The electricity bill was not in my name, and
in fact I couldn't get a single piece of paper that
proved I lived in my house. Nor did the company.
So much so that when we as a business moved half
a dozen countries down the road (well, island chain)
some of our team asked for the privilege of paying
the new electricity bill so they could get some proof
of existence.
This "documents" situation exists in a large
proportion of the world. Wherever we are, we
should consider the fact that elsewhere, it's
just 'different.' How are you going to sell an
SSL cert to someone who can't prove who they
are? Or, are we saying SSL is only available for
those who follow our western notions of identity
proof?
(This problem becomes really dramatic when
trying to open bank accounts or digital money
accounts.)
It has been demonstrated that an attack on an email domain is orders
of magnitude easier than attacks on SSL. So, if an attacker wanted
to attack a high value target, he would surely attack the email
channels before attempting to attack the crypto.
That's Adi Shamir's 3rd law of security:
Cryptography is typically bypassed, not penetrated
http://www.financialcryptography.com/mt/archives/000147.html
....
And if browser users ("relying parties") cannot tell the difference
between certs from CAs that base their authentication on no more
than insecure email, woe be to them!
Hallelujah to that!
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
mozilla-crypto mailing list
mozilla-crypto@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-crypto
