[cryptography] yet another certificate MITM attack
iang at iang.org
Fri Jan 11 14:31:17 EST 2013
On 11/01/13 21:57 PM, Jeffrey Walton wrote:
> On Fri, Jan 11, 2013 at 12:20 PM, Thierry Moreau
> <thierry.moreau at connotech.com> wrote:
>> Jeffrey Walton wrote:
>> More seriously, I agree that the questions raised by Jeffrey are relevant,
>> and I support his main point. End-to-end security should make some sense,
>> even today.
> I think a layman expects end-to-end security. As a more informed user,
> I also expect end-to-end security.
> What befuddles me is some folks don't expect it (or perhaps don't want
> it?). I am amazed at how the industry has conditioned them.
We saw similat in the internal corporate MITM debate. Back in the late
2000s, there were allegations that CAs were selling MITM subCAs for the
purpose of corporations monitoring the network traffic of their
employees. There was a confluence of opportunity ($50k from memory),
there was a real need by corporations, and there was a blanket of
secrecy over the business.
So, those who complained were not heard. Vendors and CAs did not do
Fast forward somewhat, and a debate started up about these unknown
sub-CAs. It became very apparent that we had no idea what was going on,
which cast doubt over the overall governance. At the same time as
pressure ratcheted up on those, the attacks started in 2010-2011.
Perhaps with this in mind, vendors shifted and decided MITM sub-CAs were
a no-no. Mozilla sent out a letter at some point (2011?) to make the
point. I suspect some other vendors did the same.
Then, Trustwave popped up - they seem to have responded to the pressure
and had retired the MITM sub-CA they had sold. They just snuck a
disclosure in somewhere .. which got picked up ... and boom.
We - the vocal community of observers - decided that MITM sub-CAs was a
bad idea. In doing that, we consensually decided that the (valid)
reasons presented were not enough.
We're going to see a bunch of reasons why Nokia can do a
proxy-sub-CA-MITM or whatever this is. Why it can do MITMing that isn't
MITMing. And then we are going to decide, YAY or NAY.
So let's see those reasons?
More information about the cryptography