[cryptography] how many MITM-enabling sub-roots chain up to public-facing CAs ?

Ralph Holz holz at net.in.tum.de
Tue Feb 14 16:06:56 EST 2012


Hi,

>> BTW, what we do not address is an attacker sending us many forged chains
>> and/or traces. We don't want clients have to register with our server
>> and obtain an identity. That's a sore point.
> 
> Aren't the certs of interest those that chain to a well-known root?
> So they could be validated, and those that don't could be efficiently
> discarded. At that point, the attacker is reduced to effectively doing
> an SSL DoS on you which is likely to grow old quickly.

Yes, the certs are the lesser problem. The problem is that hunting tasks
can be pulled by anyone from the server and results sent back. This is
still not too bad DoS-wise, but it allows to send forged traceroute results.

Ralph

-- 
Ralph Holz
Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20120214/4f5b7112/attachment.asc>


More information about the cryptography mailing list