On Tue, 19 Dec 2000, Jeffrey Altman wrote:
> > Eric Rescorla wrote:
> >
> > > This isn't a MITM attack, however.
> >
> > Sorry, Eric -- if you don't know or trust the signer, then you only
> > know that the presenter (could be a MITM) has the private key associated
> > with the pubkey in the cert. This means that a MITM attack is entirely
> > possible. Trust in the CA is required to assure the binding of the
> > SubjectPublicKeyInfo to the DN. That's the feature that prevents
> > the MITM attack. There's also the convention among browser implementations
> > that the CN should be the FQHN, which is a PITA for numerous reasons.
> >
> > Of course, your browser presents no warnings whatsoever for certs
> > signed by any number of CAs that are "trusted" simply because their
> > root certs are bundled with the browser. And unless you manually
> > retrieve a CRL, you only know that a cert was valid when it was
> > issued.
>
> But as Eric said, this is not a protocol problem. This is a user
> training issue. There is only so much that software can do.

Software could be written to help solve this problem, for example to not
allow any connection from an untrusted host, instead of asking the customer
if he's knowledgeable enough to accept the risks of accepting something
that could be potentially insecure... ;-)
--
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
------
I can't be stupid, I completed third grade!
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
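
The point argued in this thread, as an added example that is not part of the original messages: a certificate only proves that the presenter holds the matching private key, and it is the signature from a trusted CA that binds that key to the name, so a client that fails closed refuses the untrusted certificate instead of prompting. It assumes the `openssl` command-line tool is on the PATH; the function names, subject names and file names are constructed for the demo.

```shell
#!/bin/sh
# Added example. All names, subjects and paths are constructed for the demo.

# make_demo_pki DIR: build a throwaway root CA, a server cert signed by it,
# and a self-signed cert that claims the same subject name with its own key.
make_demo_pki() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Demo Root CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes \
        -subj "/CN=www.example.test" \
        -keyout "$d/srv.key" -out "$d/srv.csr" 2>/dev/null &&
    openssl x509 -req -in "$d/srv.csr" -days 1 \
        -CA "$d/ca.pem" -CAkey "$d/ca.key" -CAcreateserial \
        -out "$d/srv.pem" 2>/dev/null &&
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=www.example.test" \
        -keyout "$d/selfsigned.key" -out "$d/selfsigned.pem" 2>/dev/null
}

# accept_peer CAFILE CERT: return 0 only if openssl can build a chain from
# CERT to a trusted root; CAFILE supplies the demo root.
# There is no prompt and no override: any verification failure is a refusal.
accept_peer() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Run the demo when invoked as: sh demo.sh demo
if [ "${1:-}" = "demo" ]; then
    tmp=$(mktemp -d) && make_demo_pki "$tmp" || exit 1
    for c in srv selfsigned; do
        if accept_peer "$tmp/ca.pem" "$tmp/$c.pem"; then
            echo "$c.pem: accepted"
        else
            echo "$c.pem: refused"
        fi
    done
    rm -rf "$tmp"
fi
```

Both certificates carry the same subject name and both holders can prove possession of their private key; only the CA signature distinguishes them. Revocation, which the quoted message also raises, is not checked here.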