[159205] in North American Network Operators' Group
Re: Gmail and SSL
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Sun Dec 30 15:34:30 2012
In-Reply-To: <e81niuwcvhhkhqpfc78mnmgc.1356899401801@email.android.com>
Date: Sun, 30 Dec 2012 15:34:19 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: kmedcalf <kmedcalf@dessus.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Dec 30, 2012 at 3:30 PM, Keith Medcalf <kmedcalf@dessus.com> wrote:
> Your assertion that using "bought" certificates provides any security ben=
efit whatsoever assumes facts not in evidence.
>
> Given recent failures in this space I would posit that the requirement to=
use certificates purchased from entities "under the thumb" of government c=
ontrol, clearly motivated only by profit, and with highly questionable mora=
l and ethical standards represents a huge increase in risk of passive attac=
k and confidentiality failure where such rosk did not previously exist.
>
backing up some, I think the problem trying to be solved by requiring
'legitimate' certificates is stopping the obvious problems of mitm
attacks, ala mallory-proxy.
in the longer term, if the client can know that the server was
supposed to present a cert with fingerprint XFOOBYFOOB and it can see
that fingerprint for the cert presented in the session we all win,
right?
