[SSL Observatory] SSL CA compromise in the wild

Steve Schultze sjs at princeton.edu
Wed Mar 23 10:55:38 PDT 2011


On Mar 23, 2011, at 1:49 PM, Daniel Kahn Gillmor wrote:
> On 03/23/2011 01:33 PM, Steve Schultze wrote:
>> I do wonder whether there has been any work on TOFU for SSL cert verification other than the existing Firefox plugins like Cert Patrol... of course cert rollover and accelerators probably make that hard to do well.  Maybe TOFU of the CA rather than the leaf would be viable.
> 
> TOFU of a CA sounds like a bad idea to me.

It doesn't solve all of the threat scenarios, but it solves some of them.  Why does it sound bad?

>> Anyway, I stand by the first part of my email fwiw... SSH is just TOFU.
> 
> Unless you use OpenSSH's new self-designed certificates;

Reference?  I'm not sure what this means.

> or Roumen Petrov's X.509 patches [0]

Thus importing the vulnerabilities of PKIX?

> or the OpenPGP Web of Trust via Monkeysphere [1].

Relying fundamentally on WoT.

The above two are great, but it's important to note that there are basically three models being represented here, all of which have existed for some time (although not completely implemented for all protocols):

- CA/X.509 PKIX
- WoT
- TOFU
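
The trade-off raised in this thread (TOFU on the leaf certificate versus TOFU on the issuing CA) as an added example that is not part of the original message. Certificates are modelled as constructed fingerprint pairs, and the host name, class and function names are assumptions made for illustration.

```python
# Added example: trust-on-first-use (TOFU) pinning at two levels.
# Certificates are modelled as constructed (leaf, issuer) fingerprint pairs;
# a real client would hash the public key of each certificate instead.
from typing import NamedTuple


class Cert(NamedTuple):
    leaf_fp: str    # fingerprint of the server (leaf) key
    issuer_fp: str  # fingerprint of the issuing CA key


class TofuStore:
    """Remembers what was seen on first contact and flags later changes."""

    def __init__(self, pin_level: str):
        if pin_level not in ("leaf", "ca"):
            raise ValueError("pin_level must be 'leaf' or 'ca'")
        self.pin_level = pin_level
        self.pins: dict[str, str] = {}

    def check(self, host: str, cert: Cert) -> str:
        seen = cert.leaf_fp if self.pin_level == "leaf" else cert.issuer_fp
        if host not in self.pins:
            self.pins[host] = seen  # first use: trust and remember
            return "first-use"
        return "match" if self.pins[host] == seen else "CHANGED"


# Constructed observations for one hypothetical host.
FIRST = Cert("leaf-A", "ca-1")     # first contact
ROLLOVER = Cert("leaf-B", "ca-1")  # legitimate renewal under the same CA
OTHER_CA = Cert("leaf-X", "ca-2")  # certificate for the host from another CA
SAME_CA = Cert("leaf-Y", "ca-1")   # certificate mis-issued by the pinned CA


def run(pin_level: str) -> dict[str, str]:
    """Replay each later observation against a store primed with FIRST."""
    results = {}
    for name, cert in (("rollover", ROLLOVER), ("other_ca", OTHER_CA),
                       ("same_ca", SAME_CA)):
        store = TofuStore(pin_level)
        store.check("example.org", FIRST)
        results[name] = store.check("example.org", cert)
    return results


if __name__ == "__main__":
    for level in ("leaf", "ca"):
        print(level, run(level))
```

Leaf pinning raises a change warning on every rollover, while CA pinning stays quiet on rollover and still flags a switch to a different CA, but it cannot see a certificate mis-issued by the CA it pinned.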

