Public Key Infrastructure: An Artifact...
Kevin E. Fu
fubob at MIT.EDU
Sun Nov 19 14:12:02 PST 2000
Of relevance to SSL and trust in DNS...
Even without stealing keys, there are unconventional ways of
circumventing SSL server authentication. That is, pretending to be an
SSL server that you are not.
For instance, a client might forget to verify in a resumed SSL session
that the server hostname matches the CN involved with the original
connection. If the client starts a resumable session with a server,
that server can pretend to be other hosts. Examples:
http://www.cert.org/advisories/CA-2000-05.html
http://snafu.fooworld.org/~fubob/netscape-ssl.html
There is not a well-defined trust model for proxied SSL content. SSL
authenticates servers, not content. Example:
http://www.mit.edu:8008/menelaus/bt/17272
Even if SSL were perfect, implementing certificate management will
remain tricky.
--------
Kevin E. Fu (fubob at mit.edu)
PGP key: https://snafu.fooworld.org/~fubob/pgp.html
>Unless that problem is fixed, man in the middle is hardly made more
>difficult - for example, Mallory could break into some random machine on
>the net and steal it's public key, then hijack local DNS and when someone
>goes to amazon.com redirect them to amazon.hackeddomain.com, and then
>proxy to amazon.com - now even SSL says the connection is safe.
>
>-Bram Cohen
More information about the cypherpunks-legacy
mailing list