On 20-Jul-07, at 7:54 AM, Dmitry Shechtman wrote:
> The attack vector: I poison your local DNS resolver, or proxy all
> traffic, so that http://foo.blogspot.com actually resolves to
> http://evil.org's IP. If you follow the 302 redirect, you could be
> allowing evil.org to tell you what the "canonical" URL is. For
> example it could do a 302 redirect over to https://evil.org which
> presents a valid certificate and which can masquerade as the user's
> OP, capturing their password. (For users who check URLs, it could
> be https://my.open1d.org instead of https://evil.org.)
>
> Pardon my ignorance regarding TLS, but I don't see what protection
> it would provide against such an attack. Is TLS similar to SSL with
> the exception of http prefix usage?
In most discussions (i.e. ones that don't concern themselves with
which version of SSL you're using) TLS and SSL are used as synonyms.
TLS (Transport Layer Security) is the name of an IETF standard based
on SSL v3.
As Dmitry observes, the protection it offers is useless if there are
http (i.e. non-SSL/TLS) links in the chain. In an environment where
the entire exchange happens over SSL/TLS though, the argument is that
DNS spoofing/redirect attacks won't work, because an attacker cannot
obtain a CA-signed certificate for a domain they don't own. Thus,
even when the spoofed DNS has redirected trusted-id.com to
evil-evil-hooray.com, attempts to verify the certificate of this false
"trusted-id.com" will fail, and presumably the connection will be killed.
Cheers,
Johnathan
---
Johnathan Nightingale
Human Shield
[EMAIL PROTECTED]
_______________________________________________
security mailing list
[email protected]
http://openid.net/mailman/listinfo/security
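Johnathan's argument, as an added illustration that is not part of the thread: a small Python model of the check a TLS client applies to each hop of a redirect chain. The certificate check is bound to the host name in the URL, so a spoofed resolver pointing trusted-id.com at an attacker's IP fails it, while a plain-http hop lets the attacker redirect to a host it does hold a valid certificate for. The hop tuples, certificate name sets and the functions name_matches, verify_hop and audit_chain are constructed for this example.

```python
from typing import Iterable, List, Optional, Tuple
from urllib.parse import urlsplit

# Hop = (URL the client requested, names in the certificate presented);
# None for plain http, where no certificate is presented at all.
Hop = Tuple[str, Optional[Iterable[str]]]

def name_matches(cert_name: str, host: str) -> bool:
    """Exact match, or a single left-most wildcard label (*.example.org)
    standing for exactly one label (simplified RFC 6125 rules)."""
    cert_name, host = cert_name.lower(), host.lower()
    if cert_name == host:
        return True
    if cert_name.startswith("*."):
        return (host.endswith(cert_name[1:])
                and host.count(".") == cert_name.count("."))
    return False

def verify_hop(url: str, cert_names: Optional[Iterable[str]]) -> Optional[str]:
    """None if this hop is acceptable, else the reason it is not. The check
    compares the certificate to the host name the client asked for, never
    to whoever answered at the resolved IP, so DNS spoofing alone cannot pass."""
    parts = urlsplit(url)
    if parts.scheme != "https" or cert_names is None:
        return "not https: a spoofed resolver can inject any redirect here"
    if not any(name_matches(n, parts.hostname) for n in cert_names):
        return "certificate names %s do not cover %s" % (sorted(cert_names), parts.hostname)
    return None

def audit_chain(expected_op: str, hops: List[Hop]) -> List[str]:
    """Problems found in a redirect chain; an empty list means every link
    was TLS, every certificate matched the requested name, and the chain
    ended at the OP the user actually trusts."""
    problems = []
    for url, names in hops:
        why = verify_hop(url, names)
        if why:
            problems.append("%s: %s" % (url, why))
    final_host = urlsplit(hops[-1][0]).hostname
    if final_host != expected_op.lower():
        problems.append("chain ends at %s, not the expected OP %s"
                        % (final_host, expected_op))
    return problems

# Constructed sample chains mirroring the two scenarios in the thread.
SPOOFED_TLS = [("https://trusted-id.com/openid", {"evil-evil-hooray.com"})]
HTTP_IN_CHAIN = [("http://foo.blogspot.com/", None),
                 ("https://evil.org/login", {"evil.org"})]  # cert is valid!
HONEST = [("https://trusted-id.com/openid", {"*.trusted-id.com", "trusted-id.com"})]
```

Note that the evil.org hop in HTTP_IN_CHAIN verifies cleanly on its own; only the plain-http hop before it and the mismatch against the expected OP reveal the problem.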