[159251] in North American Network Operators' Group
Re: Gmail and SSL
daemon@ATHENA.MIT.EDU (William Herrin)
Wed Jan 2 17:27:35 2013
In-Reply-To: <CAK__KzsBYUH=pF49O6MTTp9M3C-X01ytxtsav-KncSLeLpKWzg@mail.gmail.com>
From: William Herrin <bill@herrin.us>
Date: Wed, 2 Jan 2013 17:27:06 -0500
To: George Herbert <george.herbert@gmail.com>
Cc: John Levine <johnl@iecc.com>, nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Wed, Jan 2, 2013 at 3:10 PM, George Herbert <george.herbert@gmail.com> wrote:
> On Wed, Jan 2, 2013 at 11:36 AM, William Herrin <bill@herrin.us> wrote:
>> Communications using a key signed by a trusted
>> third party suffer such attacks only with extraordinary difficulty on
>> the part of the attacker. It's purely a technical matter.
>
> While I agree with your general characterization of MIIM, the
> "extraordinary difficulty" here is not supported.

AFAICT someone finds a way to get themselves a certificate for a
domain they don't control every couple years or so. The hole is
promptly plugged (and the certs revoked) before much actually happens
as a result. Has your experience been different?

Are you, at this moment, able to acquire a falsely signed certificate
for www.herrin.us that my web browser will accept?

You're right that false certificates have been issued in the past.
You're right that false certificates will be issued again in the
future. No security apparatus is 100% effective. But if despite your
resources you in particular can't make it happen in a timely manner,
that's a meaningful barrier to mounting a man-in-the-middle attack
against someone using properly signed certificates.

Regards,
Bill Herrin
--
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004