Alaric Dailey wrote: > Gervase Markham wrote: >> Alaric Dailey wrote: >>> Actually many of them were, they were simply ignored by CAs and >>> developers that were more interested in making money selling snake >>> oil than doing things right. For example SSL for identification is >>> worthless without DNS being secured >> >> Please outline briefly how an attack on the DNS can make SSL worthless? >> >> I understand how it can make you connect to a machine you don't want >> to, but that machine needs to have a certificate for the domain it is >> trying to fake, signed by a CA in your root store. Isn't that right? >> If so, the problem reduces to the one about getting certificates for >> domains you don't control. >> > Two Attacks spring to mind, both start with "Poison the cache or hijack > the DNS completely" > 1. then redirect the http: connect to a look-a-like site that has an > SSL cert that the got honestly, hell it might even be an EV cert so the > users get the green bar. Because the cert will be valid, the user won't > know any different.
If it is valid, the hijacker's cert will not bear the domain name of the host that appeared in the browser's URL. The browser will detect this and report it to the user. > 2. steal the cert, which is easier than you might think since > something like 80% of all security breaches are internal, and setup a > site using the stolen cert. as most users don't have certificate > checking turned on. a) and these breaches compromise what percentage of certs? b) cert checking is going to be turned on by default pretty soon. We have it working through proxies now, which was the major reason it wasn't on be default before. > > The anti-fraud list over at CAcert has gone over these, and many other > possibilities. I didn't even touch on self-signed certs, making > look-a-like CAs etc.... > > If you ask me, all Mozilla products should be configured to reject > self-signed certs for sites, there is no reason for them. heck I even > found a Mozilla security announcement. > > http://www.mozilla.org/security/announce/2006/mfsa2006-58.html I mostly agree with your view on self-issued certs. A tiny percentage of power users really want to use their own self-issued certs, and they are disproportionately vocal in these discussion groups, which makes most mozilla developers extremely reluctant to reject them altogether. (Mozilla's target market seems not to be "the masses", but rather the vocal users who give much feedback.) My personal view is that it should be possible to deliberately configure your mozilla client to know about and honor specific self-issued certs of the user's choosing, but that should be done as a preference, not as a default action in a common error dialog. _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
