On 2014-03-03 16:08, Demian Rosenkranz wrote: > ... a EE certificate, the rp software would recognize it, because the > corresponding signed object can't be validated.
An EE certificate used for a CMS signed object (e.g., a ROAs) is embedded in the CMS signed object itself. I.e., the EE certificate is not a separate file that a MITM could omit or delete. An rsync MITM could modify the CMS to not include an EE certificate, but we'd reject that as an invalid CMS object. Also, the hash of the CMS object would no longer match its corresponding hash in the manifest.
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
