ietf
[Top] [All Lists]

Re: WG Review: Open Pluggable Edge Services (opes)

2001-06-20 09:40:05
From: Adam Shostack <adam(_at_)homeport(_dot_)org>
To: Vernon Schryver <vjs(_at_)calcite(_dot_)rhyolite(_dot_)com>
Cc: ietf-openproxy(_at_)IMC(_dot_)ORG, ietf(_at_)ietf(_dot_)org

...
Unfortunately, the become your own CA solution doesn't actually help
deal with the issue of man-in-the-middle attacks.  The threat under
discussion is that there is a proxy modifying content; we'd like to
prevent that.  If the server sends a key without reference to some
established authority, then the MITM may simply replace that key with
one of its own, or translate the http-over-SSL request into a
cleartext http request, or otherwise munge the session, because there
is no way for the browser to figure out if the self-signed key is the
one the server sent.

(I find it unfortunate because often, become your own CA is a good 
idea, and this is one of the few cases where its not.)

That is what Verisign would like you to believe, but it is inaccurate
in more than one way.

In fact, becoming your own CA is most of a solution to man-in-the-middle
attacks.  In practice (e.g. assuming you are not under special attack by
people who could and would also mount "back bag," TEMPEST, and other
attacks against you and your systems), all that remains is to exchange
certificates with operators of other SMTP servers and clients that you
care about.

If the IETF would be its own CA and publish a certificate for loki
somewhere at http://www.ietf.org, then those who care to cut out men in
the middle on the output of this list could do so by copying that
certificate and making a link to it (at least if they're running sendmail
8.11 or newer).

A second problem with the Verisign sales--uh--information is that there
are hassles in detecting STARTTLS verfy=NO or =FAIL in MUA's.  It's not
good enough to have to read Received: lines to check that a message that
looks as if it came from the IETF's list was really from the IETF's SMTP
client.  This problem has nothing to do with whether you pay Verisign's
ridiculous fees for almost nothing.  However, for squashing the data
muggers, this problem is not relevant.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com



<Prev in Thread] Current Thread [Next in Thread>