On Tue, 06 Jan 2009 06:09:34 +0900, Randy Bush said: > to use your example, the contractor who serves dns for www.bank.example > could insert a cert and then fake the web site having (a child of) that > cert. whereas, if the site had its cert a descendant of the ca for all > banks, this attack would fail.
All you've done *there* is transfer the trust from the contractor to the company that's the "ca for the bank". Yes, the ca-for-banks.com has a vested interest in making sure none of its employees go rogue and do something naughty - but so does the DNS contractor. One could equally well argue that if a site was using the DNS for certs would be immune to an attack on a CA.
pgpOUfrEeXfx2.pgp
Description: PGP signature
