[145888] in cryptography@c2.net mail archive


RE: A mighty fortress is our PKI, Part III

daemon@ATHENA.MIT.EDU (Carl Ellison)
Thu Sep 16 09:34:03 2010

From: "Carl Ellison" <cme@acm.org>
To: "'Andy Steingruebl'" <steingra@gmail.com>,
	"'Peter Gutmann'" <pgut001@cs.auckland.ac.nz>
Cc: <cryptography@metzdowd.com>
In-Reply-To: <AANLkTikteq5HpgKZbN7J9bNzi-5xgrpbEN8c57RuBHvx@mail.gmail.com>
Date: Thu, 16 Sep 2010 07:28:49 -0400

I, too, would love to get the details, but Peter is right here.

The flaw he reported was in the PKI itself, not in the UI.  If there were a
bulletproof OS with perfect non-confusing UI, once the malware has a valid
signature that traces to a valid certificate, it's the PKI that failed.

As for EV being as meaningless as ordinary certificates, that's the point
Peter is making.  Of course, neither of them certifies the qualities of the
publisher that the end user cares about.  That would be too expensive and
open to liability (therefore, more expensive still).  But, in a verbal shell
game, the CAs make it sound like someone with an expensive certificate is
trustworthy (in the end-user's value system).

-----Original Message-----
From: owner-cryptography@metzdowd.com
[mailto:owner-cryptography@metzdowd.com] On Behalf Of Andy Steingruebl
Sent: Wednesday, September 15, 2010 4:12 PM
To: Peter Gutmann
Cc: cryptography@metzdowd.com
Subject: Re: A mighty fortress is our PKI, Part III

On Wed, Sep 15, 2010 at 8:39 AM, Peter Gutmann
<pgut001@cs.auckland.ac.nz> wrote:
> Some more amusing anecdotes from the world of PKI:

Peter,

Not to be too contrary (though at least a little) - not all of these
are really PKI failures, are they?

> - There's malware out there that pokes fake Verisign certificates into the
>   Windows trusted cert store, allowing the malware authors to be their own
>   Verisign.

The malware could just as easily fake the whole UI.  Is it really
PKI's fault that it doesn't defend against malware?  Did even the
grandest supporters ever claim it could/did?

> - CAs have issued certs to cybercrime web sites like
>   https://www.pay-per-install.com (an affiliate program for malware
>   installers), because hey, the Russian mafia's money is as good as anyone
>   else's.

Similarly here - non-EV CAs bind DNS names to a field in a
certificate. No more.  They don't vouch for the business being run,
and in any case any such "audit" would be point-in-time anyway. I
suppose way back when people "promised" that certs would do this, but
does anyone believe that anymore and have it as an expectation?
Perhaps you're setting the bar a bit high?

BTW - do you have pointers to most of the things you've reported?  I'd
love to get the full sordid details :)

- Andy

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
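The two anecdotes above (a rogue root "poked" into the trusted store, and a certificate that binds nothing but a DNS name) can be shown with a path validator directly. The following is an added example, not code from either correspondent or from the list; it uses only Go's standard crypto/x509 package. The root CA name, the hostnames and the serial numbers are constructed for the demonstration. It builds a rogue root and a leaf for www.pay-per-install.com, then asks the validator the same question three times: with an empty trust store, with the rogue root injected, and with the injected root but a hostname the leaf does not name. Note what the validator can and cannot decide: once the root is in the store, the chain is valid, and the only thing checked about the leaf is that the name matches; nothing about the "business" behind it enters the computation.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Outcome records what the path validator says about one leaf certificate under
// three conditions: an empty trust store, a store into which the rogue root has
// been injected, and the poisoned store with a hostname the leaf does not name.
type Outcome struct {
	EmptyStore    error // expected: x509.UnknownAuthorityError
	PoisonedStore error // expected: nil (the chain now builds to the injected root)
	WrongName     error // expected: x509.HostnameError
}

// issue signs template with the parent's key, or self-signs it when parent is nil,
// and returns the parsed certificate together with the new private key.
func issue(template, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	signer := key // self-signed unless a parent is supplied
	if parent == nil {
		parent = template
	} else {
		signer = parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, template, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, nil, err
	}
	return cert, key, nil
}

// Scenario builds a rogue root CA (constructed name, not a real CA) and a
// DV-style leaf that asserts only the DNS name host, then runs the validator
// three times and returns the three results.
func Scenario(host, otherHost string) (Outcome, error) {
	now := time.Now()
	rootTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Definitely Not VeriSign Root CA"}, // constructed
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	root, rootKey, err := issue(rootTmpl, nil, nil)
	if err != nil {
		return Outcome{}, err
	}

	// The leaf carries a DNS name and nothing else about the "publisher".
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leaf, _, err := issue(leafTmpl, root, rootKey)
	if err != nil {
		return Outcome{}, err
	}

	verify := func(roots *x509.CertPool, name string) error {
		_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: name})
		return err
	}

	var o Outcome
	empty := x509.NewCertPool() // non-nil, so the system store is not consulted
	o.EmptyStore = verify(empty, host)

	poisoned := x509.NewCertPool()
	poisoned.AddCert(root) // the "poke a fake root into the trusted store" step
	o.PoisonedStore = verify(poisoned, host)
	o.WrongName = verify(poisoned, otherHost)
	return o, nil
}

func main() {
	o, err := Scenario("www.pay-per-install.com", "www.example.net")
	if err != nil {
		panic(err)
	}
	fmt.Println("empty store:   ", o.EmptyStore)
	fmt.Println("poisoned store:", o.PoisonedStore)
	fmt.Println("wrong name:    ", o.WrongName)
}
```

The empty pool is deliberately non-nil: passing a nil Roots would make Go fall back to the platform trust store, which is exactly the store the malware in the anecdote tampers with. The point of the three calls is that the validator's answer turns entirely on store contents plus a string comparison on the name, which is why both correspondents agree that a valid signature chaining to an injected root is a failure of the trust store, not of the UI.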
