I responded directly to Duane off list as the original message appeared, at least in gmail, to address me only.
ram ---------- Forwarded message ---------- From: Ram A Moskovitz <[EMAIL PROTECTED]> Date: May 19, 2005 3:03 PM Subject: Re: Lack of certificate change warnings! To: Duane <[EMAIL PROTECTED]> On 5/19/05, Duane <[EMAIL PROTECTED]> wrote: > Ram A Moskovitz wrote: > > A healthy dose of paranoia is not a bad thing in a security type. If > > someone came out of the gate with your statement I'd normally not > > respond (even if I had plenty of time to do so). Since you seem > > generally open to reason I'll assume you haven't totally thought this > > through. My thoughts inline... > > See that's been my whole issue with this, no one has responded, > basically there is a potential to invade privacy, and I doubt that it > would be done for online bank sites who they could easily compel for the > information anyway. The NSA and other government agencies (US and > otherwise), not to mention some ISPs have been involved in court cases > where it was ruled in their favour, while I doubt anything has happened > yet, it is simply one vector of attack that could be exploited. > > Perhaps I should have used a more subtle variation. I suspect if you had you would've gotten more responses. There are so many people online that you have to be picky about who you are willing to engage or you may find yourself spending all your time debating with people who don't really care or who's goal is not progressing the science you are interested in but rather are immersed in the pleasure of teasing you. Presentation is key. Repetition is another reason folks tend to ignore topics; if it's been discussed more than a few times that is enough to prevent most folks (again saving their time) from engaging in a discussion. > ISP xyz, has access to intercept their clients email, so this would blow > most authority of domain requests. Next they install it on a proxy so > they can capture their clients web traffic, client doesn't suspect or > realise anything is different, end result the ISP captures all credit > card information, or maybe it's secure mail, or any number of other > things people use SSL for. > > I'll admit we are also vulnerable to this type of attack as well, on the > other hand we're building up a web of trust with the intent of not > issuing these types of certs in the long term either. Surely you would support issuing a cert to prevent a big crime or find a really bad person if you were sure that were the situaton. You are as susceptible as the employees at VeriSign of being sensitive to social issues. > > This may be true, I'm not sure that it is. I suppose that a court > > order is generally compelling so this doesn't sound impossible. On the > > other hand if there is an easier way to do it that is presumably a > > greater concern. How hard would be be to get a CA with an easier > > authentication process to issue a cert for any domain name that you > > wish that would be trusted by Firefox, IE, and Opera? In any case I > > think you would go along with any legitimate request made by a > > legitimate government authority; I would. > > As above I was pointing out worst case, simply because I have not been > blessed with a response from anyone about this. Dramatic but apparently not as effective as you hoped. Probably because dramatic presentation correlatest as highly with lack of earnest intent as it does with frustration; I think you were (are?) frustrated as your normal behavior is indicative of earnest interest in advancing social and individual causes (freedom, safety, happyness etc). > > There is some truth / value here but there's a usability issue too - > > hopefully a balance can be found. Perhaps for a user who participates > > in high value or high sensitivty transactions this is worth doing; for > > someone spending $27 online, the intrusion anytime the site renews > > it's certificate or changes CA providers or website hosters (if they > > use that route) this is probably overkill and will result in further > > training the user to say OK to anything that pops up. > > I was chatting, and one thought on this was to potentially get round > this by having a mini CRL that a client could download from the previous > CA stating they have moved kind of like a 302 redirect. Obviously there > is an issue with getting previous CAs to implement this as it wouldn't > always be in their best interests. This would only ever need to be > checked by each client once. It's not impossible but there are simpler solutions. In any case I think the part of the fence you are trying to raise by solving the cert change issue is already much higher than the low parts of the fence. I don't think this is worth the effort to figure out until we address much bigger problems. I think I'm being practical. > > The right approach here in my opinion is to understand that not every > > user has the same level of savvy nor the same level of needs. When > > installing a browser, OS, or any other app a brief interview of the > > user might be a very nice approach. In the case of a web browser the > > two obvious questions are: > > Again I realise this, but we should all be forced to bury our head in > the sand and hope everything is just peachy 100% of the time. ? Things are not peachy. The world is slowly adding the internet to its methods of interacting and the criminals are more prepared than the good guys. I think that addressing the broader UI issue I present is much more important in terms of practical benefit to the user community than preventing against certificate substitution attacks. > Again this isn't most likely to effect credit or financial requests, > although that is definitely motive, such as the AOL employee that was > caught selling email addresses, everything is valuable to someone. > > And again Mozilla needs to work out who it's user base is and cater for > them, because it's going backwards and forwards on joe nobody, and their > developers and presently there is no way to use one mode or the other > easily and it's going to bite someone somewhere eventually. I think prioritization is key given that we are dealing with limited resourses. I am willing to contribute my (fairly valuable I think) time and expertese to help debate approaches and design solutions [it is what I have been doing for a living for quite some time]. I strongly prefer to address high yield issues such as the UI or driving revocation checking to market over lower yield issues like enabling certificate change detection. When the big stuff is fixed then the medium stuff will be the new big stuff and the small stuff will be the new medium stuff... > > Ok here is where I think you haven't really thought it through. As you > > are probably aware VeriSign is scrutinized rather carefully. If CACert > > issues a bad cert - no offense - no one will notice - perhaps this > > will change in time. If VeriSign changes the root level > > domain-name-system zone files for a website that is used it will be > > noticed and it will be talked about broadly; even the smallest change > > gets noticed and discussed (lurk on NANOG the north american network > > operator group email list - the smallest squeak in anything VeriSign > > does shows up initially as a doomsday warning in that very broadly > > distributed list). > > Again, worst case, it's possible, but unlikely to happen. So why focus on it while there are more serious problems still at hand? > > Another easier attack would be to sneak evil-ware onto your machine - > > most people are using relatively vulnerable operating systems and > > relatively vulnerable client software - most of which do not require > > signing nor revocation checking. I can't remember the last time I saw > > a month go by without learning of an available attack vector. I think > > this is the target space that is being worked most aggresively today - > > I'll use SP2 as an example of that, it broke functionality but it made > > Windows users much better off. I'm hoping we'll see another > > improvement with IE7 but I'm not going to bet on it until I see it :) > > In any case if the users computer is infect a root cert in theory could > be installed as well, so an end point compromised you're pretty much > screwed, they don't even go to the trouble of installing certs, they > just key log instead. Good example of a bigger problem. I think the inline security disabling feature of FF is a disaster for my relatives who have no idea and probably realize they should always click OK and not Cancel. _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
