Eric Rescorla wrote:

> A MITM attack WOULD be possible if the browser didn't check the
> server's certificate against the expected identity.

A check against the expected identity is only useful if the
binding of the pubkey to the identity is trusted.  A MITM can
generate a signed cert on the fly with the expected identity...

> I don't see what your point is here. First, this has nothing
> to do with SSL per se....

> This is a problem with any certificate-based system and has nothing
> whatsoever to do with SSL.

This sounds suspiciously like Ford's position about Explorer rollovers --
it's a tire problem.  

It is indeed an SSL problem -- the protocol and its components rely
on PKI, but PKI isn't really there yet.  A mutually authenticated
channel, in which the server presents the DNs of trusted signing
authorities as part of the handshake, offers a lot more protection
even for the client.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
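
The checks argued over in this thread (chain trust and identity match on the client, and client-certificate verification for a mutually authenticated channel), as an added example that is not part of the original message or of OpenSSL: a small audit of Python `ssl` contexts. The names `audit_tls_context`, `make_client`, the finding codes and the sample contexts are constructed for illustration.

```python
import ssl

FINDINGS = {  # finding codes are constructed for this example
    "chain-not-verified": "any certificate minted on the fly is accepted",
    "identity-not-checked": "a valid certificate for another name is accepted",
    "client-cert-not-required": "the server never authenticates the client",
}

def audit_tls_context(ctx, role):
    """Return finding codes for a context used as 'client' or 'server'."""
    if role not in ("client", "server"):
        raise ValueError("role must be 'client' or 'server'")
    verifies_chain = ctx.verify_mode == ssl.CERT_REQUIRED
    if role == "server":
        # CERT_REQUIRED on a server requests a client certificate and fails
        # the handshake unless a valid one is presented.
        return [] if verifies_chain else ["client-cert-not-required"]
    found = []
    if not verifies_chain:
        found.append("chain-not-verified")
    if not ctx.check_hostname:
        found.append("identity-not-checked")
    return found

def make_client(verify_chain, check_name):
    """Constructed sample client context with the two checks toggled."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # starts with both checks on
    ctx.check_hostname = check_name
    if not verify_chain:
        ctx.verify_mode = ssl.CERT_NONE  # ValueError if check_hostname is on
    return ctx

def name_check_without_trust_is_refused():
    """The ssl module refuses an identity check with no chain verification."""
    try:
        make_client(verify_chain=False, check_name=True)
    except ValueError:
        return True
    return False

if __name__ == "__main__":
    for chain, name in [(True, True), (True, False), (False, False)]:
        codes = audit_tls_context(make_client(chain, name), "client")
        print(chain, name, [(c, FINDINGS[c]) for c in codes])
    print("name check without trust refused:", name_check_without_trust_is_refused())
    server = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    print("server default:", audit_tls_context(server, "server"))
```
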