[5395] in cryptography@c2.net mail archive
Re: going around the crypto
daemon@ATHENA.MIT.EDU (EKR)
Sat Aug 14 12:22:17 1999
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: cryptography@c2.net
From: EKR <ekr@rtfm.com>
Date: 13 Aug 1999 10:00:56 -0700
In-Reply-To: "Steven M. Bellovin"'s message of "Fri, 13 Aug 1999 12:51:12 -0400"
"Steven M. Bellovin" <smb@research.att.com> writes:
> > Now, this does require that the CAs that your browser trusts follow
> > the Common Name=domain name convention, but that's just a special
> > case of trusting your CAs.
>
> The attacker could also present a certficate from a fake CA with an
> appropriate name -- say, "Netscape Security Services", or something that
> plays on the site name they're trying to impersonate -- "Amazon.Com Encryption
> Certification Center" if someone is trying to reach Amazon.com or some such.
Right. In which case Netscape brings up a different dialog which
says that the server certificate is signed by an unrecognized
CA. Again, you can proceed, but it's not like it's automatic.
I'm fairly sure that IE refuses to connect at all.
-Ekr
--
[Eric Rescorla ekr@rtfm.com]
PureTLS - free SSLv3/TLS software for Java
http://www.rtfm.com/puretls/
