On 4/21/05, Duane <[EMAIL PROTECTED]> wrote: > such as a company proxy server intercepting all SSL traffic.
It is possible to create a brain-in-a-vat scenario, where the attacker controls every bit you get. In this scenario, I agree that petnames, fingerprints, CAs, even Verisign and their 7 secret rings cannot save you. The attacker owns you. One way to do this is simply to replace the Firefox install file. The Firefox install is typically fetched over an HTTP connection to a raw IP address. What could be easier to phish? We have to give up on the brain-in-a-vat scenario. For less powerful attacks there is hope. By using petnames, and cross-referencing fingerprints, we can detect attempts to subvert existing relationships and even detect a not-quite-complete attempt to treat us like a brain-in-a-vat. So where are we? Do you agree about giving up on the brain-in-a-vat scenario? If not, do you think you have a solution? Outside the brain-in-a-vat scenario, do you see the value of petnames and fingerprints, or is more discussion needed? Tyler -- The web-calculus is the union of REST and capability-based security: http://www.waterken.com/dev/Web/ _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
