on www.example.com being squatted, the problem is the squatter does not
get the private key, so yes it has a certificate with a public key, but
everybody does...
To use the certificate, he will have to regenerate a private key, which
means a new certificate and expiring the old one.
The question is, as all domain names are registered with credit cards,
how much do you trust banks? Do we need more trust?
Indeed there are a few problems with social engineering but, the game is
to propose something, pass it through review of security experts and see
if they can improove.
SSLv1 was hacked during its first official presentation...
Also, in my internet explorer there are a bunch of root certificates
that I don't know about and if you send a e-mail to Microsoft they will
add your root-CA to the windows update site that will push it to all
Internet Explorer.
Ideally, we should rate each CA in our applications and the application
should give us a level of risk...
Most of the time what we want is tracability. I have a problem with a
site, then I look for who paid for the certificate and then get the card
holder and then involve the police. I have someone to get hold of...
What all CA out there are just doing is passing the buck and ensuring
they can do it...
Cheers.
-----Original Message-----
From: Christian Huitema [mailto:huitema(_at_)windows(_dot_)microsoft(_dot_)com]
Part of the problem is that we are mixing to issues, i.e. "am I speaking
to the server that is legitimely designated by the name
www.example.com", and "am I speaking to the service that is supposed to
manage my examples." Attaching certificates to names may solve the
former; solving the latter requires that the user discovers in a trusted
way the DNS name associated to the service. We know that there are many
psychology-based attacks that can fool users to connect to use the wrong
name; PKI certificates attached to the DNS name is not going to solve
that.
There is in addition an even more murky area, which is the validity of
the binding over time. Some artists specialize in grabbing DNS names
that their legitimate users fail to renew in time. Suddenly,
www.example.com is not managing my examples anymore, it has become a
gateway to a porn site. Yet, that porn portal has a perfectly valid and
up-to-date PKI certificate. Amusing, isn't it?
-- Christian Huitema
smime.p7s
Description: S/MIME cryptographic signature