HTTPS mutual authentication alpha release - please test
Hadmut Danisch
hadmut at danisch.de
Sun Nov 6 18:28:04 EST 2005
On Fri, Nov 04, 2005 at 09:16:16AM +0000, Nick Owen wrote:
>
> No, this is not it. It is this attack and similar:
>
> http://tinyurl.com/a3b89
>
> The phishers are not using valid certificates, but users are so immune
> to warnings about certificates that they don't pay attention to them.
> It may be a DNS cache poison or the typical email; it could be any
> mechanism to send the user to a fraudulent site. What is being provided
> is a mechanism to route the users to the correct site by providing a way
> to validate the certificate for them.
Mmmh, I'd have two questions about this:
- It seems that you are not defending against an attack, but trying to
protect the user against his own ignorance. The user ignores the
warning label, so you want to replace it with a bigger warning
label. But the bigger warning label doesn't contain any news or more
information, or any protection that the smaller label doesn't
provide. It's just that the bigger warning label is bigger (or more
red, or more alerting letters...), hoping to wake the user up?
But user ignorance is not a new type of attack. If the user pays
attention to the browser warnings, then I don't see what advantage
WIKD should have. Inventing new protocols and complexity, and
trusting an additional party without good reason and reasonable
advantage is never a good idea in security.
- The authorized owner must be able to replace the server certificate
with a new one at any time, e.g. when the secret key has been lost
or compromised.
case 1: If it is not possible to update the hash stored at WIKID,
how would the authorized owner ever be able to replace the
compromised key with a new one? Wouldn't this force him into
continuing in using the compromised key?
case 2: If it is possible to update the hash stored at WIKID, and if
the attacker was already able to register a bogus certificate at an
official CA, why shouldn't he be able to update the certificate at
WIKID as well? In what way is WIKID's certificate verification
procedure more reliable than the one of the "trusted CAs" ?
Hadmut
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list