Douglas Lucas:
> On 07/05/2013 01:41 AM, Katya Titov wrote:
>>
>> The certificate will be cached in the client, however if the cert is
>> changed (e.g. MitMed) then the client will accept the new one as
>> long as it checks out through the regular checking processes. So a
>> MitM which doesn't involve coercing a CA (or otherwise getting a
>> 'valid' certificate) should result in Thunderbird throwing a
>> warning, but a MitM due to a coerced CA will look fine. There are
>> plugins for Firefox which alert you to a change in certificates,
>> but I'm not aware of any for Thunderbird.
>
> Do you recommend any Firefox plugin in particular for this?

It's quite a difficult task. I've used Certificate Patrol which alerts you if a certificate changes; and employs some simple checks such as automatically accepting (and still advising you) if the certificate was changed when it required replacing. I've also used Perspectives (now Convergence) which uses a history of certificate 'sighting' and known notaries to provide a degree of confidence about whether or not a certificate is genuine.

Google's Chrome uses certificate pinning so that the certificates of well known sites are hard coded and the browser itself can determine if a MitM is occurring (assuming it is being regularly updated). This was how the Comodo/Iran breach (2011?) was detected. Firefox and IE are now also using pinning, but I'm not sure to what degree.

I think that the Perspectives/Convergence approach is probably the best: rely on others' reports about whether a certificate is legitimate. This should demonstrate if a local adversary (e.g. government) is trying to intercept the comms (your certificate is different to everyone else's). This also means that a CA hierarchy is no longer required.

You really need to determine who you can trust. Trusting CAs used to be good enough for most people (i.e. people who are protecting their financial transactions and email and not their lives) however this no longer appears to be the case. Certificate pinning secures your connections to specific, well known sites, if you trust the browser vendors. Perspectives/Convergence means trusting a distributed group of people who run notaries that crowd source information from end users who are trying to be more secure; but even here you need to trust the technology behind the system and that the system can't be gamed by a well-resourced adversary.

One final option is something like the way SSH generally works in practice: trust and accept the certificate the first time you see it and then notice if it changes.
Unfortunately this one isn't practical because most certificates change on a regular basis and there's no way to verify that the change was legitimate. You can treat Perspectives/Convergence as an advanced version of this.

If anyone else knows of some other good plugins or approaches then I'm also looking for more options.

-- 
kat
_______________________________________________
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
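
The following is an added example, not part of the original message and not code from Certificate Patrol, Perspectives or Convergence. It combines SSH-style first-use caching with the notary comparison the reply describes, so a changed certificate is accepted only when independent observers see the same one. The function names, the 0.75 quorum, the host name and the byte strings standing in for certificates are all assumptions.

```python
import hashlib
from collections import Counter

def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()

def assess(host, der, seen, notary_views, quorum=0.75):
    """Classify the certificate presented for host.
    seen: dict host -> fingerprint remembered from earlier connections.
    notary_views: fingerprints that independent notaries report for host.
    quorum: fraction of notaries that must agree (assumed policy value).
    """
    fp = fingerprint(der)
    previous = seen.get(host)
    if previous == fp:
        return "unchanged"
    kind = "first-use" if previous is None else "changed"
    # Trust-on-first-use alone cannot tell a routine renewal from
    # interception, so new or changed certificates go to the notaries.
    if not notary_views:
        return kind + "-unverified"
    top_fp, votes = Counter(notary_views).most_common(1)[0]
    if votes / len(notary_views) < quorum:
        return "notaries-disagree"
    if top_fp != fp:
        # Everyone else sees a different certificate than we were served.
        return "local-mismatch"
    seen[host] = fp  # remember only certificates the notaries corroborate
    return kind + "-confirmed"

# Constructed stand-ins for DER certificates; the host is a placeholder.
OLD_CERT = b"constructed-cert-2012"
NEW_CERT = b"constructed-cert-2013-renewal"
ROGUE_CERT = b"constructed-cert-from-interceptor"

def demo():
    seen, host = {}, "mail.example.org"
    old_view = [fingerprint(OLD_CERT)] * 4
    new_view = [fingerprint(NEW_CERT)] * 4
    return [
        assess(host, OLD_CERT, seen, old_view),
        assess(host, OLD_CERT, seen, []),
        assess(host, NEW_CERT, seen, new_view),
        assess(host, ROGUE_CERT, seen, new_view),
        assess(host, ROGUE_CERT, seen, []),
    ]

if __name__ == "__main__":
    print(demo())
```

The renewal is accepted because the notaries report the same new fingerprint, while the certificate seen only locally is flagged and never written to the cache.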