Marsh Ray wrote:
> But the failure of *any* single CA allows a successful attack on *every* user connecting to *every* https website.

On 2011-09-19 2:48 PM, Arshad Noor wrote:
> Would you care to explain this in more detail, Marsh? Please feel free to frame your explanation as if you were explaining this to a 6-year-old.

Assume I have control over a CA, one obscure and minor CA that no one has ever heard of, and hardly anyone uses. Perhaps I have hacked them. Perhaps I am an Islamic preacher whose congregation is apt to blow up those that displease me, due to their sadly regrettable misunderstanding of Islam. Perhaps I am chief of police in some third world terror state such as Iran. Perhaps I am someone important at Harvard, or someone important in a Russian Mafia.
I want to intercept, and perhaps modify, all email to Google. I get an intercept going through any of the notorious flaws in major routers, so that when a browser attempts to connect to https://mail.google.com, it in fact connects to my server, which may then connect to the real https://mail.google.com.
I have my obscure and minor CA issue me a certificate for https://mail.google.com.
I intercept all communications between https://mail.google.com and Iran. I have a keyword program check all the mail for bad words and forbidden topics. Any Iranian who writes inappropriate thoughts in a Gmail gets tortured, and any Harvard student who writes inappropriate thoughts in a Gmail gets failed.
Heaven help the poor Harvard student who wrote to his friend that his parents were giving him a niggardly allowance.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
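
Added example, not part of the original message: a simplified Python model of the trust rule discussed in this thread, where any root in the store vouches for any host name, next to an issuer pin check that flags the mis-issued certificate. Signature verification is assumed to succeed and is not modelled; the CA names, host name and key bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str   # host name (leaf) or CA name (root)
    issuer: str    # name of the CA that signed this certificate
    spki: bytes    # stand-in for the subject's public key bytes

def pin_of(cert: Cert) -> str:
    """SHA-256 over the key bytes, in the style of a public-key pin."""
    return hashlib.sha256(cert.spki).hexdigest()

# Constructed trust store: every root is trusted for every host name.
TRUST_STORE = {
    "BigCA": Cert("BigCA", "BigCA", b"constructed-bigca-key"),
    "ObscureCA": Cert("ObscureCA", "ObscureCA", b"constructed-obscureca-key"),
}
HOST = "mail.example.test"
# Constructed pin set: the site operator only ever uses BigCA.
PINS = {HOST: {pin_of(TRUST_STORE["BigCA"])}}

def browser_accepts(host, leaf, store=TRUST_STORE):
    """Default rule: the name matches and the issuer is *any* trusted root."""
    return leaf.subject == host and leaf.issuer in store

def pinned_accepts(host, leaf, pins=PINS, store=TRUST_STORE):
    """Default rule plus: issuer key must be pinned for this host, if pins exist."""
    if not browser_accepts(host, leaf, store):
        return False
    allowed = pins.get(host)
    return allowed is None or pin_of(store[leaf.issuer]) in allowed

def pin_violations(observed, pins=PINS, store=TRUST_STORE):
    """Return (host, issuer) pairs that pass default validation but break a pin."""
    return [(h, c.issuer) for h, c in observed
            if browser_accepts(h, c, store) and not pinned_accepts(h, c, pins, store)]

GENUINE = Cert(HOST, "BigCA", b"constructed-site-key")
MISISSUED = Cert(HOST, "ObscureCA", b"constructed-other-key")

if __name__ == "__main__":
    for name, cert in (("genuine", GENUINE), ("mis-issued", MISISSUED)):
        print(name, browser_accepts(HOST, cert), pinned_accepts(HOST, cert))
    print(pin_violations([(HOST, GENUINE), (HOST, MISISSUED)]))
```

Both certificates pass the default rule; only the pin check separates them, and a host with no pin entry falls back to the default rule.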
