Duane wrote: > So while MITM attacks via ssl scams aren't happening I'm pretty sure it > has nothing to do with any verification checks implemented by CAs...
The definition of an MITM is somewhat debatable and tricky to tie down. For example, is it an attack where you start out in the middle? Or is it an attack where you end up in the middle? Either way, the phishing attack is, by some measures, an MITM attack on SSL/HTTPS/browsing. It works, which is to say that it breaches the security model. The attacker ends up in the middle. So, it's an MITM. This isn't a direct critique on SSL, the pure connection oriented crypto protocol, but it is one on the whole methodology and the whole application. The security model is breached by phishing because the model was only deployed up to the boundaries of the conventional protocol. I.e., SSL/HTTPS/Certs, and no further. Now, as we know, security models have to cover all layers. A security model is vertical, top to bottom. There is no point in implementing top notch crypto if there are easy ways around it. It's the canonical safe door in a wooden wall. Which leads us to this observation: either the security model is deployed properly in the app (which is the chrome/branding box idea), OR, the the security of SSL is downgraded so that the convenience level that the apps people have decided upon is benefitted at all levels. According to the security theory, you can't have it two ways. The fact that browsers claim it both ways means that they are both insecure and they are inconvenient, at some levels. In fact, for business reasons, there are very good reasons for doing both: hence the call to deploy the security model into the application (chrome/ branding box) and for easing up the security of the crypto layer (self-signed certs or ADH, although the latter is now deprecated so it is not really worth it). Now, all of this was just of academic interest until phishing came along. The crypto world was divided into two: the SSL camp that was happy, and the rest, equally happy. However, now, we have the prime application that considers security to be its SSL/HTTPS/Cert architecture, being breached on a daily basis. Now, it's important. iang _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
