On Sat, 6 Jul 2002, Richard Lynch wrote:
> I think we both agree that any old certificate is secure from snooping,
> right?

I would disagree with that.

In order to snoop on a connection, you need to have some access to the 

This may be by being in the same building with one of the endpoints, or by 
being in the same building as one of the ISPs involved, or by having 
remotely compromised a machine in one of the above locations.

If you have this access, then you can divert packets. You can move wires
around, or you can outrace a router and take over a connection as it's 
being initiated.

Therefore you can present a certificate which is indistinguishable to the 
client from the "real" server's self-signed certificate, effectively 
hijacking the session.

> Yes, a C&A signed certificate is nominally "better" than a non-signed one,
> since you know that at some point, somebody paid somebody at least $119
> (US), and that the certificate has the same domain name as the domain name
> of the computer you are now surfing to.
> You don't know it's the same computer, though, right?  It could easily be a
> stolen Cert and hijacked domain.
> For that matter, you don't know that a CRIMINAL purchased the C&A signed
> Certificate in the first place.

No, but the chances of each of these other things happening are 
progressively less.

A certificate signed by a known certificate authority tells you that the 
server you're talking with has a unique token provided to the entity 
named. That's better than not knowing that. 


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to