[cryptography] how many MITM-enabling sub-roots chain up to public-facing CAs ?
marsh at extendedsubset.com
Tue Feb 14 16:03:34 EST 2012
On 02/14/2012 02:56 PM, Ralph Holz wrote:
> BTW, what we do not address is an attacker sending us many forged chains
> and/or traces. We don't want clients have to register with our server
> and obtain an identity. That's a sore point.
Aren't the certs of interest those that chain to a well-known root?
So they could be validated, and those that don't could be efficiently
discarded. At that point, the attacker is reduced to effectively doing
an SSL DoS on you which is likely to grow old quickly.
More information about the cryptography