Thor Lancelot Simon wrote:
It's fashionable in some circles (including, it seems, this one) to bash
IPsec (particularly IKE) and tout SSL VPNs (particularly OpenVPN) on what
are basically user interface grounds.
I cannot help repeatedly noting that -- I believe more so than with actual
IPsec deployments, whether with or without IKE -- OpenVPN deployments are
often configured in hideously insecure ways. This is no more the fault of
OpenVPN's designers, of course, than the ghastly configuration interfaces
imposed by many IKE impledmentations are the fault of IPsec's designers.
We are dropping on end users, sysadmins and nno crypto programmers
decisions that seasoned cryptographers tend to screw up, and that end
users and sysadmins are never going to comprehend.
The way programmers approach modularity and code locality tends to leave
the end user outside the cryptographic boundary. The cryptography
module is very carefully made entirely independent of the user
interface, merely sending up arcane errors from time to time.
Consider, for example, the recent cookie stealing security failure in
Wordpress, fixed just a few days ago. It seems that for a very long
time, there was very straightforward, indeed in retrospect glaringly
obvious, security hole that allowed anyone on the internet to take
control of any host running Wordpress - which most hosts do run. You
can take control from Nigeria, you don't need to tap any lines. Anyone
anywhere in the world could have exercised any power over one's server
that one's Wordpress application can exercise, which is usually near
The defenders of SSL will quite correctly point out that the security
hole had absolutely nothing to do with SSL. The hole exists whether one
uses SSL or not, and almost no one uses SSL with Wordpress. And that
was exactly the problem. The writers of Wordpress, like the writers of
every other application, had to handroll their own authentication, and
of course fucked up. SSL sessions are not user sessions, thus SSL
authentication does not authenticate that user admin is the same
entity (or even has the same IP address) as the entity that correctly
logged in as user admin, does not, cannot, attempt to provide such
authentication, that being a higher layer issue - indeed, SSL
authentication is pretty much irrelevant to authenticating anything that
the attackers or defenders are likely to care about, which is why user
admin on a Wordpress application does not use SSL. SSL is so
wonderfully localized that attackers just stroll around it.
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]