HTTPS mutual authentication alpha release - please test

Hadmut Danisch hadmut at danisch.de
Sun Nov 6 18:28:04 EST 2005 

On Fri, Nov 04, 2005 at 09:16:16AM +0000, Nick Owen wrote:
> 
> No, this is not it.  It is this attack and similar:
> 
> http://tinyurl.com/a3b89
> 
> The phishers are not using valid certificates, but users are so immune
> to warnings about certificates that they don't pay attention to them.
> It may be a DNS cache poison or the typical email; it could be any
> mechanism to send the user to a fraudulent site.  What is being provided
> is a mechanism to route the users to the correct site by providing a way
> to validate the certificate for them.



Mmmh, I'd have two questions about this:


- It seems that you are not defending against an attack, but trying to
  protect the user against his own ignorance. The user ignores the
  warning label, so you want to replace it with a bigger warning
  label. But the bigger warning label doesn't contain any news or more
  information, or any protection that the smaller label doesn't
  provide. It's just that the bigger warning label is bigger (or more
  red, or more alerting letters...), hoping to wake the user up?

  But user ignorance is not a new type of attack. If the user pays
  attention to the browser warnings, then I don't see what advantage
  WIKD should have. Inventing new protocols and complexity, and
  trusting an additional party without good reason and reasonable
  advantage is never a good idea in security.


- The authorized owner must be able to replace the server certificate
  with a new one at any time, e.g. when the secret key has been lost
  or compromised.

  case 1:  If it is not possible to update the hash stored at WIKID,
  how would the authorized owner ever be able to replace the
  compromised key with a new one? Wouldn't this force him into
  continuing in using the compromised key?


  case 2: If it is possible to update the hash stored at WIKID, and if
  the attacker was already able to register a bogus certificate at an
  official CA, why shouldn't he be able to update the certificate at
  WIKID as well? In what way is WIKID's certificate verification
  procedure more reliable than the one of the "trusted CAs" ?


Hadmut






---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list