[SSL Observatory] Crossbear, was: Re: the CA sub-CA smoking gun
Ralph Holz
holz at net.in.tum.de
Sat Feb 4 02:54:54 PST 2012
Hi,
On 02/03/2012 11:11 PM, Tom Ritter wrote:
> This popped up on mozilla.dev.security.policy:
> http://groups.google.com/group/mozilla.dev.security.policy/browse_thread/thread/7a1c21bc445f8cb9/095cc78cec78a5b7#095cc78cec78a5b7
[...]
> And I put in some relevant quotes from Peter Gutmann and Lucky Green
> when this came up last time.
This is actually one use case for which we have written our Crossbear
tool: https://addons.mozilla.org/de/firefox/addon/crossbear/
It's a way not only to detect the MitM on the path, but also to attempt
to localise him on the level of IP address or AS by tracerouting from
different points on the globe. It shares a few features with
Perspectives and Convergence (and in fact makes use of the latter as a
welcome 3rd party vantage point, i.e. it uses it as a back-end). More
info available from the Mozilla link.
With events progressing this fast we have decided to release it today
(we had intended to wait until our "hunting infrastructure" was fully
operational - i.e. a PlanetLab deployment of "tracerouting entities").
Ralph
--
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.eff.org/pipermail/observatory/attachments/20120204/32fc91e5/attachment.sig>
More information about the Observatory
mailing list