On 6 Dec, 2011, at 3:43 AM, ianG wrote:
> The promise of PKI in secure browsing is that it addresses the MITM. That's
> it, in a nutshell. If that promise is not true, then we might as well use
> something else.
Is it?
I thought that the purpose of a certificate was to authenticate the server to
the client. This is a small, but important difference. If you properly
authenticate the server, then (one hopes) that we've tacitly eliminated both an
impersonation attack and a MiTM (an MiTM is merely a real-time, two-way
impersonation).
The problem is that we're authenticating the server by naming, and there are
many entities with a reason to lie about names. There are legitimate and
illegitimate reasons to lie about names, and while we know that it's going on,
we don't have a characterization of what reality even *is*.
We're seeing this in this very discussion. I also want to see proof that this
is going on. I know it is, but I want to see it. These bogus certs are a lot
like dark matter -- we know they're there, but we have little direct
observation of them.
Jon
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography