[14069] in cryptography@c2.net mail archive
Re: Is cryptography where security took the wrong branch?
daemon@ATHENA.MIT.EDU (Eric Rescorla)
Sun Sep 7 18:09:03 2003
X-Original-To: cryptography@metzdowd.com
To: Ben Laurie <ben@algroup.co.uk>
Cc: iang@systemics.com, crypto <cryptography@metzdowd.com>
Reply-To: EKR <ekr@rtfm.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: 07 Sep 2003 14:13:31 -0700
In-Reply-To: <3F5B91E6.5060304@algroup.co.uk>
Ben Laurie <ben@algroup.co.uk> writes:
> Eric Rescorla wrote:
> > Incidentally, when designing SHTTP we envisioned that credit
> > transactions would be done with signatures. I would say that
> > the Netscape guys were right in believing that confidentiality
> > for the CC number was good enough.
>
> I don't think so. One of the things I'm running into increasingly with
> HTTPS is that you can't do an end-to-end check on a cert. That is, if I
> have some guy logging into some site using a client cert, and that site
> then makes a back-end connection to another site, there's no way it can
> prove to the back-end site that it has the real guy online (without
> playing nasty tricks with the guts of SSL, anyway), and there's
> certainly no way to prove that some particular response came from him.
> Signing stuff would deal with this trivially.
Well, I'd certainly like to believe that this is true, since
it would mean that Allan and I were right all along. :)
-Ekr
--
[Eric Rescorla ekr@rtfm.com]
http://www.rtfm.com/
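The gap Ben Laurie describes above, a front-end that cannot prove to a back-end that the client-cert holder is really on the line, and the signature fix he proposes, sketched as an added example. This is not code from the mail or from either author; it assumes Ed25519 user keys, a back-end that already holds each user's public key (a hypothetical `keys` map standing in for a directory or cert store), and a per-request nonce for replay protection. The request body is constructed sample data.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// SignedRequest is what the user's client sends to the front-end and what the
// front-end can forward to the back-end unchanged. Nothing in it is tied to the
// TLS session, which is exactly what a client cert alone cannot offer: TLS
// client auth proves the user to the first hop only.
type SignedRequest struct {
	UserID    string
	Nonce     string // random per request; lets the back-end reject replays
	Body      string
	Signature []byte
}

// canonical is the byte string the signature covers. Length-prefixing each field
// keeps "ab"+"c" and "a"+"bc" distinct; client and back-end must agree on it.
func canonical(userID, nonce, body string) []byte {
	var out []byte
	for _, f := range []string{userID, nonce, body} {
		out = append(out, fmt.Sprintf("%d:%s", len(f), f)...)
	}
	return out
}

// SignRequest runs on the user's machine; the private key never leaves it.
func SignRequest(priv ed25519.PrivateKey, userID, body string) (SignedRequest, error) {
	nonceBytes := make([]byte, 16)
	if _, err := rand.Read(nonceBytes); err != nil {
		return SignedRequest{}, err
	}
	nonce := hex.EncodeToString(nonceBytes)
	sig := ed25519.Sign(priv, canonical(userID, nonce, body))
	return SignedRequest{UserID: userID, Nonce: nonce, Body: body, Signature: sig}, nil
}

// Backend models the second site. keys is the assumed user-to-public-key
// directory; seenNonces is the replay cache (in production it would be bounded).
type Backend struct {
	keys       map[string]ed25519.PublicKey
	seenNonces map[string]bool
}

func NewBackend(keys map[string]ed25519.PublicKey) *Backend {
	return &Backend{keys: keys, seenNonces: make(map[string]bool)}
}

// Verify is the end-to-end check: it passes only if the bytes were signed by the
// named user's own key and this nonce has not been seen. The front-end is not
// trusted for any part of this decision.
func (b *Backend) Verify(req SignedRequest) error {
	pub, ok := b.keys[req.UserID]
	if !ok {
		return fmt.Errorf("unknown user %q", req.UserID)
	}
	if !ed25519.Verify(pub, canonical(req.UserID, req.Nonce, req.Body), req.Signature) {
		return fmt.Errorf("signature does not verify for user %q", req.UserID)
	}
	if b.seenNonces[req.Nonce] {
		return fmt.Errorf("replayed nonce %q", req.Nonce)
	}
	b.seenNonces[req.Nonce] = true
	return nil
}

// DemoResult records the outcome of each check so callers can inspect it.
type DemoResult struct {
	GenuineAccepted  bool
	TamperedRejected bool
	ReplayRejected   bool
}

// Demo wires user, front-end and back-end together over constructed data.
func Demo() (DemoResult, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return DemoResult{}, err
	}
	backend := NewBackend(map[string]ed25519.PublicKey{"alice": pub})

	// The user signs a request; the front-end forwards it untouched and the
	// back-end checks it for itself.
	req, err := SignRequest(priv, "alice", "POST /transfer amount=100 to=bob")
	if err != nil {
		return DemoResult{}, err
	}
	genuine := backend.Verify(req) == nil

	// A request whose body was altered after signing (by the front-end or anyone
	// between the hops) fails the signature check.
	req2, err := SignRequest(priv, "alice", "POST /transfer amount=100 to=bob")
	if err != nil {
		return DemoResult{}, err
	}
	req2.Body = "POST /transfer amount=100000 to=bob"
	tampered := backend.Verify(req2) != nil

	// Presenting the first, genuine request a second time is caught by the nonce.
	replay := backend.Verify(req) != nil

	return DemoResult{GenuineAccepted: genuine, TamperedRejected: tampered, ReplayRejected: replay}, nil
}

func main() {
	r, err := Demo()
	fmt.Printf("%+v err=%v\n", r, err)
}
```

The point of the example is the asymmetry: with TLS client certificates the back-end can only take the front-end's word that "alice is online", whereas a signature over the request travels with the data and can be checked by any party that knows her public key, however many hops it crosses.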
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com