CFP: PKI research workshop

Eric Rescorla ekr at rtfm.com
Mon Jan 14 17:47:30 EST 2002


Carl Ellison <cme at jf.intel.com> writes:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> At 02:19 PM 1/14/2002 -0800, Eric Rescorla wrote:
> >> Of course you do.  That's why https://store.palm.com/ is such a
> >> problem.  You thought you were talking to (and wanted to talk to)
> >> Palm Computing, just like the logos and page layout said you were.
> >> You're not.  You're talking to a MITM.  Palm hired them to run the
> >> store?  The certificates don't say that.
> >The certificates say EXACTLY that. They say that this entity 
> >is authorized to use the domain name store.palm.com. 
> 
> 
> There is no certificate issued by Palm to Modus Media granting it
> authority to do business in Palm's name.  There is only a
> certificate by VeriSign to the effect that Modus Media has been
> granted permission to use SSL server authentication for the domain
> name store.palm.com.

So? This would be exactly the case if the certificate were
issued to Palm rather than Modus. VeriSign's procedures ensure
(one hopes) that only someone authorized by Palm could have
gotten this certificate, thus cutting out the middleman
of the extra certificate. Aside from inflexibility, I don't
see any problem with the security guarantees this provides.

>  Meanwhile, the information that the user
> really looks at to make a security decision (the Palm logo and the
> little padlock) aren't related at all.

No possible security system can protect people who trust
whatever logo happens to be transmitted to them in web pages.

-Ekr

-- 
[Eric Rescorla                                   ekr at rtfm.com]
                http://www.rtfm.com/



---------------------------------------------------------------------
The Cryptography Mailing List