Anne & Lynn Wheeler wrote: > James A. Donald wrote: >> However, the main point of attack is phishing, when an >> outsider attempts to interpose himself, the man in the >> middle, into an existing relationship between two people >> that know and trust each other. > > in the public key model ... whether it involves pgp, pki, digital > certificates, what-ever; the local user (relying party) has to have a > local trusted repository for public keys. in the pki model, this tends > to be restricted to public keys of certification authorities ... so that > the relying party can verify the digital signature on these > message/document constructs called digital certificates. > > in the traditional, ongoing relationship scenario, relying parties > directly record authentication information of the parties they are > dealing with. if a relying party were to directly record the public key > of the people they are communicating with ... it is the trusting of that > public key and the validating of associated public key operations that > provide for the countermeasure for man-in-the-middle attacks and > phishing attacks. > > the issue that has been repeatedly discussed is that supposedly the > existing SSL domain name digital certificates was to prevent > impresonation and mitm-attacks. however, because of various > infrastructure shortcomings ... an attacker can still operate with > perfectly valid SSL domain name digital certificates ... and it doesn't > stop the MITM-attack and/or phishing.
Eh? It surely does stop MitM attacks - the problem is that there's little value in doing so for various reasons, such as no strong binding between domain name and owner, UI that doesn't make it clear which domain you are going to, or homograph attacks. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ ** ApacheCon - Dec 10-14th - San Diego - http://apachecon.com/ ** "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]