On Sep 25, 9:35, Eric Young sent the following to the NSA's mail archives:
Subject: Re: SSL Man-in-the-middle || || On Fri, 22 Sep 1995, David J. Bianco wrote: || > Has anyone given much thought to the feasability of a man-in-the-middle || > attack against an SSL (or other similar) transaction? To me, the || > possibility seems obvious, so I figure it must have been discussed before, || > though I haven't seen it. || .... || > Since neither the browser nor the server perform any authentication checks, || > neither Bob nor Alice know they are really speaking to Mallet. The best || > Alice can do is check the IP address of the client she's speaking to, but || || Ah, err, the infamious problem of Netscape Navigator refusing to talk to || SSL httpd's because they don't have a certificate issued by Verisign is || caused by the client authentication the Server certificate. || To get a Verisign signed x509 certificate requires quite a bit of proof || that your company is who they claim they are. So server authentication || is used. ||
Not so. VeriSign can only vouch for identity, not intention. I can fork out $300 (at last count) and get a signed certificate for my fake company. If the stakes are high enough, I can incorporate fairly cheaply, get a business license, and then I'd have a real company I could submit as. Or, if I'm lazy, don't have enough money, or unwilling to leave a paper trail, I'd break into someone's weakly secured server and steal their certificate. In either case, I've obtained a "legitimate" signed certificate for illegitimate purposes. That's why I don't think just verifying the signature on the certificate is nearly enough. -- ========================================================================== David J. Bianco | Web Wonders, Online Oddities, Cool Stuff iTribe, Inc. | Phone: (804) 446-9060 Fax: (804) 446-9061 Suite 1700, World Trade Center | email: <bianco@itribe.net> Norfolk, VA 23510 | URL : http://www.itribe.net/~bianco/