Ian G wrote:
Both are insecure only in absolute sense.
In reality, both are reasonably secure,
There is typically a low probability of attack against either of them if they are low value targets.
> with known weaknesses.
Namely, they fall apart under not-very-difficult attacks.
> But those weaknesses are not entirely correlated.
No?
If both of these were requested, then an attacker would have to change over the domain name record of the email addresses, as well as change over the DNS settings.
Both MX records (which direct email routing) and A records which return IP addresses for host names are DNS records. It suffices to poison the resolver cache of a single victim's computer to accomplish the attack on both.
As the change for the DNS settings would involve directing all (or most) DNS traffic over a period that was hard to determine, this would have a much greater chance of being noticed.
Only the issuer's traffic need be directed.
One falsified DNS record, or one bad line in your "hosts" file, is all it takes to spoof any/all insecure web content from any one site.
Right. But the web content is on a site that is currently in use. And, the more it is in use, the more it is going to be noticed, so this scales nicely with the importance of the check.
Noticed by whom? You still haven't explained how web content is supposed to give the issuer any more assurance about the party to whom an SSL cert is about to be issued. I gather that you propose that the issuer will look at the page that (supposedly) comes from the requestor's server, and take assurance therefrom. If that is your proposal, then only the resolver cache used by the issuer's machine need ever be compromised by the attacker.
The reason the email trick works - I guess - is because that email path is never used.
uh, no. It's because whatever email the issuer sends to the intended recipient is intercepted by the attacker. The attacker can click on any links, and use any passwords found in the mail that was intended for the proper recipient, since the email messages were not secured in any way.
-- Nelson B _______________________________________________ mozilla-crypto mailing list mozilla-crypto@mozilla.org http://mail.mozilla.org/listinfo/mozilla-crypto
