Wildcard Certs

gabriel rosenkoetter gr at eclipsed.net
Tue Jun 17 10:55:51 EDT 2003


On Tue, Jun 17, 2003 at 09:57:24AM +0100, Pete Chown wrote:
> I can't see any generalised threats that would justify withdrawing 
> wildcard certs, but perhaps others can.

I think it's maybe cleaning a pistol for the user, but it's neither
loading it, nor pointing it at their foot for them, and it's
certainly not pulling the trigger for them.

The obvious concern that I can see is that you later delegate DNS
for some subdomain to someone else, and they do something Bad.

I think, however, that the hurdles in such an attack are significant.
Getting the delegation isn't hard (my employer has one from a certain
large pharmaceuticals manufacturer in Delaware because we host a
web site for them with a failover system that relies on short-TTL
DNS zones), but getting ahold of the secret key for your rogue web
server SHOULD be at least extremely difficult if not functionally
impossible. The threat model for that is the same as it always was
(and not a function of the certificate verification process in any
case).

I'd say the benefit (not having to fork over cash for every single
server you own) is worth it. I'm assuming this "domain certificate"
is substantially more expensive than a single host cert, but I'm
sure there's a number of hosts where it starts making monetary
sense.

-- 
gabriel rosenkoetter
gr at eclipsed.net

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
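
An added illustration of the delegation concern raised in the message above (not part of the original post): a small audit that lists which names served from delegated zones fall inside the scope of a wildcard certificate. All names are constructed; matching is simplified to a whole-label, left-most wildcard in the style of RFC 2818, and the refusal of patterns like `*.com` is an assumed conservative policy.

```python
# Added example. Zone names, hostnames and the certificate pattern are
# constructed sample data, not taken from the mailing list post.

def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Return True if a certificate name covers the hostname.

    Simplification: '*' is only honoured as the entire left-most label and
    stands for exactly one label, so '*.example.com' covers
    'foo.example.com' but not 'bar.foo.example.com' or 'example.com'.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Assumed policy: refuse wildcards directly under a TLD ('*.com').
        return len(p) > 2 and h[0] != "" and p[1:] == h[1:]
    return p == h


def delegated_names_in_scope(cert_names, delegations):
    """Map each delegated zone to the hostnames in it that the cert covers.

    delegations: dict of zone name -> hostnames served from that zone.
    Zones with no covered hostname are omitted from the result.
    """
    findings = {}
    for zone, hosts in delegations.items():
        covered = sorted(
            host for host in hosts
            if any(wildcard_matches(name, host) for name in cert_names)
        )
        if covered:
            findings[zone] = covered
    return findings


CERT_NAMES = ["*.example.com"]  # constructed wildcard certificate name
DELEGATIONS = {                 # constructed zones run by other parties
    "failover.example.com": ["failover.example.com", "www.failover.example.com"],
    "shop.example.com": ["shop.example.com"],
    "partner.example.net": ["www.partner.example.net"],
}

if __name__ == "__main__":
    for zone, hosts in delegated_names_in_scope(CERT_NAMES, DELEGATIONS).items():
        print(f"{zone}: wildcard cert also names {', '.join(hosts)}")
```

Because the wildcard spans a single label, only the apex name of each delegated zone is covered; hosts one level deeper inside the delegation are not.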


