[EMAIL PROTECTED] wrote: > Now that we have a handful of major certificate authorities > like VeriSign and now that broswers come with a bunch of public keys > it looks like we have a viable working universal PKI system for > SSL and other real work. Say good bye to "Man-in-middle-attacks"! yay! > > Seriously, I'm curious what people think about this PKi system and what the > attack vectors are to be concerned about. Please tell me if these two attack > vectors I've heard of are worrisome.... > > * You can attack web browser packages in Linux distrubutions. If you can put > a > fake VeriSign public key in Firefox package you just killed the PKI system > right? > > * You can somehow "fool" a cert authority to give you a public key they should > not. (I'm not sure this is much of a threat anymore after bad press about > someone getting a Verisign'ed M$ cert IIRC. Perhaps someone thought of > clever ways to protect against this?)
Relying on any such "authority" as is provided built-into browsers, seems shaky strategy (at best). Why should I trust the certs of the CAs themselves -- the only argument is that the software vendors, and hence, a lot of other people do. As you say, trusting the reliability of the CA's certification process is a second weak link. At least browsers do provide some security management capabilities, and I "kinda" trust the browser code. Er, .. don't you? If I were dealing (say) with company-crucial information, I would want to use a private (company) PKI system. And careful procedures. Lacking private capabilities, I would guess that web-of-trust systems might be more sensible than a common authority system. Of course, there's also the disclaimer that with inadequate end-user understanding and discipline, all security bets are off, anyway. Regards, ..jim -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
