[cryptography] current limits of proving MITM (Re: Gmail and SSL)

Jeffrey Walton noloader at gmail.com
Sun Dec 16 17:11:54 EST 2012


On Sun, Dec 16, 2012 at 12:07 PM, Ben Laurie <ben at links.org> wrote:
> On Sun, Dec 16, 2012 at 9:48 AM, ianG <iang at iang.org> wrote:
>> Just to nitpick on this point, a CA certainly can claim that they or an
>> agent did not sign a certificate.  And, they can provide the evidence, and
>> should have the ability to do this:  CAs internally have logs as to what
>> they did or did not sign, and this is part of their internal process.
>>
>> This is because the real world doesn't trust the cryptographic evidence on
>> the face of it, we always need to go back to an independent verification of
>> some form - a further point against Ben's proposal.
>
> You have not substantiated any points, and this is further nonsense:
> if a CA claims they did not sign something which has been signed with
> their key, then they are claiming they cannot manage their key. They
> are still not acting correctly, either way.
I'm not sure its nonsense :)

But your point and Ian's point are taken: the CA is in jeopardy either
way. If they sign a subordinate CA or certificate for a server outside
the owner's control, and then deny afterwards, it likely means their
infrastructure is compromised. It's pretty much an untenable
situation.

>From Diginotar and Trustwave, we know its better to issue the
certificate and then claim you did so once caught rather than take the
"infrastructure is compromised" defense.

And to add insult to injury, Trustwave was rewarded for their bad
behavior. The Browser safety nets - such as Mozilla - completely
failed too.

I suspect in the future an untrustworthy CA will say nothing (i.e.,
neither confirm nor deny), which means someone (the EFF?) will have to
take legal action to pry the answers out of them. "Say Nothing" seems
the be the standard operating procedure from the corporate lawyers
when the corporation is going down a rabbit hole.

That means the process Google (et al) are setting up has to make
provisions for "say nothing." Sticks are mandatory in the "catch me if
you can" corporate world; carrots are optional.



More information about the cryptography mailing list