[cryptography] how many MITM-enabling sub-roots chain up to public-facing CAs ?

Marsh Ray marsh at extendedsubset.com
Tue Feb 14 16:03:34 EST 2012

On 02/14/2012 02:56 PM, Ralph Holz wrote:
> BTW, what we do not address is an attacker sending us many forged chains
> and/or traces. We don't want clients have to register with our server
> and obtain an identity. That's a sore point.

Aren't the certs of interest those that chain to a well-known root?

So they could be validated, and those that don't could be efficiently 
discarded. At that point, the attacker is reduced to effectively doing 
an SSL DoS on you which is likely to grow old quickly.

- Marsh

More information about the cryptography mailing list