Re: Nonrepudiation - in some sense
Victor Duchovni wrote: On Fri, Feb 10, 2006 at 07:49:59PM +, Ben Laurie wrote: Secondly, obviously, you can only decrypt SSL if you have the private key, so presumably this is referring only to incoming SSL connections. And only if EDH (or more generally all PFS) ciphers are disabled. This is AFAIK common with HTTP servers, but the majority of TLS capable MTAs negotiate EDH ciphers. You refer, of course, to the case where you are trying to decrypt a sniffed conversation. Gotta be careful with the trimming of messages! -- http://www.links.org/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: Nonrepudiation - in some sense
Hi all, server, and re-encrypting the information. Moreover, it maintains the non-repudiation of transactions since the encrypted communication is between client and application with no proxy acting as middleman. Firstly, even if you believe that _any_ crypto provides non-repudiation (see http://www.apache-ssl.org/tech-legal.pdf for a paper I co-authored on this and other stuff - executive summary: I don't believe it), you can't maintain the non-repudation of SSL because it doesn't provide non-repudation. Secondly, obviously, you can only decrypt SSL if you have the private key, so presumably this is referring only to incoming SSL connections. Moreover, it seems to me that: 1. it is misleading (at least in general) to state that SSL operates between client and application. SSL operates between client (browser) and (web) server; in many cases the real application might be on another server, way behind the point where the SSL connection terminates. Are there any SSL-aware applications (i.e. implementing business logic rather than providing communication services) for which this solution may be useful? 2. it is misleading to state that SSL secures transactions. SSL secures sessions. The authentication of SSL applies only to the session handshake, not to the exchanged data, in which transaction data might be present. This is why (as Ben remarks) SSL does not provide non-repudiation. 3. with this solution you need your private key in at least two different places. This introduces essentially more complicated key management, and increases the risk of key compromise. Grtz, Benne de Weger = Technische Universiteit Eindhoven Coding Crypto Groep Faculteit Wiskunde en Informatica Den Dolech 2 Postbus 513 5600 MB Eindhoven kamer: HG 9.84 tel.: (040) 247 2704, bgg 5141 e-mail: [EMAIL PROTECTED] www:http://www.win.tue.nl/~bdeweger = - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Nonrepudiation - in some sense
From a description of the Imperva SecureSphere technology. Imperva makes firewalls that can look inside SSL sessions: SSL Security that Maintains Non-Repudiation SecureSphere can inspect the contents of both HTTP and HTTPS (SSL) traffic. SecureSphere delivers higher HTTPS performance than competing reverse proxy point solutions because SecureSphere decrypts SSL encrypted traffic but does not terminate it. Therefore SecureSphere simply passes the encrypted packets unchanged to the application or database server. This eliminates the overhead of re-packaging (i.e. changing) the communications, re-negotiating a new SSL connection to the server, and re-encrypting the information. Moreover, it maintains the non-repudiation of transactions since the encrypted communication is between client and application with no proxy acting as middleman. -- Jerry - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Nonrepudiation - in some sense
On Fri, Feb 10, 2006 at 07:49:59PM +, Ben Laurie wrote: Secondly, obviously, you can only decrypt SSL if you have the private key, so presumably this is referring only to incoming SSL connections. And only if EDH (or more generally all PFS) ciphers are disabled. This is AFAIK common with HTTP servers, but the majority of TLS capable MTAs negotiate EDH ciphers. -- /\ ASCII RIBBON NOTICE: If received in error, \ / CAMPAIGN Victor Duchovni please destroy and notify X AGAINST IT Security, sender. Sender does not waive / \ HTML MAILMorgan Stanley confidentiality or privilege, and use is prohibited. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]