[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Dec 1 00:01:07 EST 2011

ianG <iang at iang.org> writes:
>On 1/12/11 15:10 PM, Peter Gutmann wrote:
>> ianG<iang at iang.org>  writes:
>>> Is this in anyway a cause for action in contract?  Is this a caused for
>>> revocation?
>> And given that you have to ask the MITM for the revocation information, how
>> would you revoke such a cert?
>Wait!  Mallory has delivered Alice a valid CA-signed-sub-CA-signed cert.
>That is the valid information, right?  There was nothing wrong the cert that
>wasn't seen, it is the new one that is at fault.

I assumed you were asking whether it was cause for revocation of the MITM CA.
Since you have to go via the MITM to do the blacklist check, you're hosed.

In any case though since you own the MITM CA all you need to do is leave out
the authorityInfoAccess and the clients won't even try and check.  Or make it
a CRL, and many won't bother checking even if the AIA is present (that's a
nice way to get a cheap CA cert for a year, buy it from a commercial CA, make
sure the revocation is done via a CRL, say you changed your mind and want your
money back, and you've got your own nearly-free CA cert for a year when
nothing bothers checking the CRL, as users of such CA certs have discovered in
the past :-).

Those were reasons #528 and #309 in the series.


More information about the cryptography mailing list