> On 22.10.2023 at 15:06 Philip Paeps via mailop wrote:
>
> On 2023-10-22 14:34:39 (+0530), Slavko via mailop wrote:
>> while not directly about email, recently was published details
>> about success MiTM attack against XMPP server, the attacker
>> was able to decrypt TLS communication without notice (from
>> both sides, the server and client) and was success for at least
>> three months, see
>>
>>   https://notes.valdikss.org.ru/jabber.ru-mitm/
>>
>
> Indeed: not directly related to mailops.  But a very instructive example of 
> why monitoring C-T logs is a good idea.

That’s true, but monitoring certificate transparency logs would have only 
helped in this particular case, as the attack wasn’t very sophisticated (they 
let their MITM certificate expire after all..).
The attackers could have just ordered a certificate without CT signatures. This 
certificate would not be accepted by webbrowers on third party clients, but as 
the certificate was used on a Jabber server this would not have mattered. 
Jabber happily accept certificates without any CT signatures.

—
BR Oliver
________________________________

dmTECH GmbH
Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe
Telefon 0721 5592-2500 Telefax 0721 5592-2777
[email protected]<mailto:[email protected]> * www.dmTECH.de<http://www.dmtech.de>
GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927
Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher
________________________________
Datenschutzrechtliche Informationen
Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser 
ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum in 
Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen oder sich 
bei uns bewerben, verarbeiten wir personenbezogene Daten. Informationen unter 
anderem zu den konkreten Datenverarbeitungen, Löschfristen, Ihren Rechten sowie 
die Kontaktdaten unserer Datenschutzbeauftragten finden Sie 
hier<https://www.dm.de/datenschutzerklaerung-kommunikation-mit-externen-493832>.
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop

Reply via email to