On 9 Jun 2003 at 2:09, Dave Howe wrote:
> The problem is here, we are blaming the protective device for
> not being able to protect against the deliberate use of an
> attack that bypasses, not challenges it - by exploiting the
> gullibility or tendency to take the path of least resistance
> of the user. The real weakness in HTTPS is the tendency of
> certificates signed by Big Name CAs to be automagically
> trusted - even if you have never visited that site before.
> yes, you can fix this almost immediately by untrusting the
> root certificate - but then you have to manually verify each
> and every site at least once, and possibly every time if you
> don't mark the cert as "trusted" for future reference. To
> blame HTTPS for an attack where the user fills in a web form
> received via html-rendering email (no https involved at all)
> is more than a little unfair though.

How many attacks have there been based on automatic trust of
verisign's feckless ID checking?   Not many, possibly none.

That is not the weak point, not the point where the attacks
occur.   If the browser was set to accept self signed
certificates by default, it would make little difference to

A wide variety of ways of getting big name certificates that
one should not have, have been discovered.   Attackers never
showed much interest. 

         James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to