[SSL Observatory] SSL CA compromise in the wild
Chris Palmer
chris at eff.org
Wed Mar 23 10:41:37 PDT 2011
On 03/23/2011 10:33 AM, Steve Schultze wrote:
> I do wonder whether there has been any work on TOFU for SSL cert
> verification other than the existing Firefox plugins like Cert
> Patrol... of course cert rollover and accelerators probably make that
> hard to do well. Maybe TOFU of the CA rather than the leaf would be
> viable.
Yes, cert rollover is a problem for TOFU, of course. I don't see why
accelerators would be — you install your cert in your HTTPS endpoint,
whatever that happens to be. Gmail, for example, is obviously hosted on
many servers, but they all have the same cryptographic identity (and
have had for a long time). (Last time I checked, anyway. See slides 62 -
65 of https://docs.google.com/present/view?id=df9sn445_206ff3kn9gs.)
> Anyway, I stand by the first part of my email fwiw... SSH is just TOFU.
And I stand by my assertion that TOFU is significantly better than what
we have. What we have is Total Pwnage.
--
Chris Palmer
Technology Director, Electronic Frontier Foundation
https://www.eff.org/code
More information about the Observatory
mailing list