On 10/12/2018 14:41, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of Michael Ströder
Sent: Saturday, December 08, 2018 06:59

On 12/7/18 11:44 PM, Michael Wojcik wrote:
Homograph attacks combined with phishing would be much cheaper and
easier. Get a DV certificate from Let's Encrypt for anazom.com or
amazom.com, or any of the Unicode homograph possibilities.
Part of the point of EV certificates was supposed to be making the
difference in trust visible to end users.
And how do you avoid such a homograph attack on the subject DN attribute "O"
(organization's name) when displaying the holy EV green sign?

=> EV certs also don't help in this case.

Also in case of amazon.com most users know the pure domain name but not
the *exact* company name, not to speak of the multitude of names of all
the subsidiaries.
Oh, I agree (at least on the latter point - I'm not sure how concerned I am about 
homograph attacks on the subject DN, since the common UAs are verifying subjAltName 
values and ignoring the DN). That's why I wrote "was *supposed* to be". I don't 
think EV certificates accomplished this goal.

I've never felt EV certificates were very useful, and they got progressively 
worse over time. Remember back in July when Entrust's Chris Baily put language 
on the CA/BF ballot (Ballot 255, specifically, if anyone wants to look it up) 
to restrict EV certificates to entities that had been incorporated for at least 
18 months? That's the kind of terrible thinking that the EV process produced.

The Stripe certificate fiasco that led to Baily's proposal is another example 
of why EV certificates Just Don't Work. The idea of having different 
certificates at different trust levels might be salvageable, but the EV 
implementation put the burden of evaluating those trust levels on the user 
(because user agents just passed it on to them), and the vast majority of users 
aren't in any position to do that. Nor were they in any position to determine 
how those trust levels ought to affect their threat model (that was the hole 
exploited by the Stripe attack). A site with a legitimate EV certificate might 
still misrepresent itself, perform hostile actions, or be vulnerable to attack 
(or already subverted) - EV says nothing about those risks.
The Stripe certificate fiasco relied heavily on browsers not displaying
the EV certificate fields (specifically Jurisdiction of incorporation)
correctly along with the name, as clearly spelled out in the EV
specification.

That Jurisdiction field along with the uniqueness checks done by the
authorities of the jurisdiction is what is supposed to prevent
homographs in the O field.  For example, using Cyrillic letters in a
de jure company name is unlikely to be allowed outside the Cyrillic
using jurisdictions (former USSR, Serbia, maybe Bosnia and Montenegro).
If displayed, users should readily notice the wrong country in the
green bar.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
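The two checks discussed in this thread (Unicode homographs in a hostname, and a script in the O field that does not fit the certificate's jurisdiction of incorporation) can be automated on the relying-party side. The following is an added example, not code from the thread or from OpenSSL; it derives each letter's script from its Unicode character name, and the jurisdiction-to-script table is a small constructed illustration, not an authoritative list.

```python
import unicodedata

# Constructed, illustrative mapping: which scripts a de jure company name
# registered in a given jurisdiction is expected to use. A real deployment
# would need a vetted table; this is only enough to show the check.
JURISDICTION_SCRIPTS = {
    "US": {"LATIN"}, "DK": {"LATIN"}, "DE": {"LATIN"},
    "RU": {"CYRILLIC", "LATIN"}, "RS": {"CYRILLIC", "LATIN"},
}


def script_of(ch):
    """Crude script classification: 'LATIN', 'CYRILLIC', 'GREEK', ... or None
    for script-neutral characters (digits, punctuation, whitespace)."""
    if not ch.isalpha():
        return None
    # Unicode names start with the script, e.g. "CYRILLIC SMALL LETTER A".
    return unicodedata.name(ch, "").split(" ", 1)[0] or None


def scripts_in(text):
    return {s for s in map(script_of, text) if s}


def homograph_warnings(name, jurisdiction=None):
    """Return a list of warnings for a hostname or an O= value.

    - Any mix of scripts (e.g. Cyrillic 'а' inside a Latin name) is flagged.
    - If a jurisdiction (ISO country code) is given, scripts that are not
      expected for company names registered there are flagged as well.
    """
    warnings = []
    if "xn--" in name.lower():  # hostname with IDNA labels: look at the Unicode form
        try:
            name = name.encode("ascii").decode("idna")
        except UnicodeError:
            warnings.append("undecodable IDNA label")
    scripts = scripts_in(name)
    if len(scripts) > 1:
        warnings.append(f"mixed scripts: {sorted(scripts)}")
    if jurisdiction:
        allowed = JURISDICTION_SCRIPTS.get(jurisdiction.upper())
        if allowed is None:
            warnings.append(f"unknown jurisdiction {jurisdiction}")
        elif not scripts <= allowed:
            unexpected = sorted(scripts - allowed)
            warnings.append(f"scripts {unexpected} unexpected for jurisdiction {jurisdiction}")
    return warnings
```

Note that a pure-ASCII lookalike such as amazom.com passes this check untouched: script analysis only catches Unicode confusables, not typosquatting within one script.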

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users