Ted T'so wrote:

> At this point, you've just spent reams and reams of electrons stating
> the obvious.

Yes, for the second time, because some people *still* don't understand it.
(It's quite obvious to you and me, not so obvious to the people who still
don't get it.)

> If the endpoint is compromised, no protocol is going to
> help you.  This is true regardless of whether you are talking about
> SSLv3, or Kerberos (if I have a copy of your server's keytab file, I
> can forge arbitrary tickets), or IPSec (for any public key system, if
> I can insert an untrustworthy CA certificate, it's all over), and so
> on.

Exactly. So you can't say "my project uses SSLv3, so I don't have to worry
about MITM attacks". You have to say "my project uses SSLv3, and I have made
sure there are no problems is the *way* I used SSLv3 that might result in my
endpoint being 'compromised be design'."

> This is about as much of a tautology as shouting from the rooftops
> that "the sky is blue" or "2+2=4".  If you find this to be an insight
> worthy of note, it says much more about *you* than of the protocol or
> anyone on this list...

Then think about how wrong the people disagreeing with me must be!

I hardly consider it an insight worthy of note. I simply repeat it for the
benefit of those who keep saying things like "if you use SSLv3, you don't
have to worry about MITM attacks". Because these people do in fact sometimes
produces what you and I would consider compromised hosts.

> As the old saying goes, "better to be silent, and thought to be a
> fool, and to speak, and remove all doubt."

Tell that to the people who are disagreeing with me.

Unfortunately, there are real people who are using OpenSSL to implement a
communications scheme who think they are immune to MITM attacks because
people keep telling them that SSLv3 is immune to MITM attacks. In fact, it
provides you the tools to stop a MITM attack, but you can very easily use it
in a naive way such that you are vulnerable to MITM attacks.

I recognize that this is completely obvious to all people who understand
even a small amount about cryptography. However, it is fact learned from
experience that people who don't understand even a small amount of
cryptogaphy sometimes implement it.

If you trace the history of my original comment on this, it was in response
to just such a person.
http://www.mail-archive.com/[EMAIL PROTECTED]/msg31875.html

DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to