Nelson B wrote:
.... Just over a year ago, someone published an article in a quarterly journal exposing just how easy it is to hijack the email for a domain. Read a draft of it at http://files.juraj.bednar.sk/CA
An interesting read. He brings up an awful lot of problems.
Using a combination of techniques is probably as good as it gets. But even then, this is not going to stop a fraudulent issue. What's worse, it may discriminate in ways that we would rather avoid, given MF's mission to deliver to the world.
Digression: I lived for 4 years in a country without streetnames. There were no addresses, because there was no postal delivery. If you wanted to get mail you had to go order a post office box or share one. The electricity bill was not in my name, and in fact I couldn't get a single piece of paper that proved I lived in my house. Nor did the company. So much so that when we as a business moved half a dozen countries down the road (well, island chain) some of our team asked for the privilege of paying the new electricity bill so they could get some proof of existence.
This "documents" situation exists in a large proportion of the world. Wherever we are, we should consider the fact that elsewhere, it's just 'different.' How are you going to sell an SSL cert to someone who can't prove who they are? Or, are we saying SSL is only available for those who follow our western notions of identity proof?
(This problem becomes really dramatic when trying to open bank accounts or digital money accounts.)
It has been demonstrated that an attack on an email domain is orders of magnitude easier than attacks on SSL. So, if an attacker wanted to attack a high value target, he would surely attack the email channels before attempting to attack the crypto.
That's Adi Shamir's 3rd law of security:
Cryptography is typically bypassed, not penetrated
http://www.financialcryptography.com/mt/archives/000147.html
....
And if browser users ("relying parties") cannot tell the difference between certs from CAs that base their authentication on no more than insecure email, woe be to them!
Hallelujah to that!
iang
-- News and views on what matters in finance+crypto: http://financialcryptography.com/
_______________________________________________ mozilla-crypto mailing list mozilla-crypto@mozilla.org http://mail.mozilla.org/listinfo/mozilla-crypto