I agree with all your points, but I thought I would add one more.

If the man-in-the-stack were named mack, and you were named jack,
then you would be vulnerable to a mack-in-the-stack attack jack,
which should be in the FAQ.

It's late. My apologies to the terminally serious.
_____________________________________
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_____________________________________



----- Original Message -----
From: "Andrew Cooke" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 25, 2001 3:07 PM
Subject: Re: localhost certificate (no, really!)


>
> [Sorry for the long gap before replying]
>
> As far as I can tell, the following might work:
>
> - get a certificate with an arbitrary domain name (say foo.bar.com)
> - configure DNS to return 127.0.0.1 when clients want to convert
> foo.bar.com to an address
> - supply the foo.bar.com certificate to the browser from localhost
>
> Security on the local machine isn't really an issue - if the machine is
> compromised then (as you say) there are much worse attacks than snooping
> local data flow.  The aim is to avoid browser warnings in a sequence of
> transactions (which, when to remote machines, do need to be secure).
> However, there is at least one attack I can think of if the client
> software is widely distributed: the foo.bar.com certificate and key will
> also become widely distributed and DNS spoofing would allow someone to
> divert the connection to a malicious machine (ie not localhost).
>
> Any comments, anyone? (thanks for previous replies; apologies again for
> not replying for some time),
>
> Andrew
>
> Greg Stark wrote:
> >
> > Andrew,
> >
> >     Ha, that's a good one. Seriously, I'd imagine they might be reluctant to
> > issue it because the DN would not be unique. Does Verisign / Thawte insist
> > on unique DN's? I would think they'd have to. That's what the D in DN is all
> > about, right? You could add other unique information to the DN to solve this
> > problem, like include a second CN with a real internet hostname. I have
> > seen certs with multiple CN's.
> >
> >     Would it work? It would be subject to a MITS (man-in-the-stack) attack,
> > but you've got bigger problems if you got a man in your stack ;)
> >
> > Greg Stark, [EMAIL PROTECTED]
> > Ethentica, Inc.
> > www.ethentica.com
> >
> > ----- Original Message -----
> > From: "Andrew Cooke" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Friday, January 12, 2001 12:39 PM
> > Subject: localhost certificate (no, really!)
> >
> > >
> > > Hi,
> > >
> > > Is it possible to buy a "localhost" certificate from any of the major
> > > suppliers?  Is there any reason why it wouldn't work?
> > >
> > > (It's for an application that will run on arbitrary machines that needs
> > > a web browser to make a local connection as part of a sequence of secure
> > > connections - supplying a certificate will stop any security warning
> > > from the browser telling the user that they are insecure...)
> > >
> > > Thanks,
> > > Andrew
> > > ______________________________________________________________________
> > > OpenSSL Project                                 http://www.openssl.org
> > > User Support Mailing List                    [EMAIL PROTECTED]
> > > Automated List Manager                           [EMAIL PROTECTED]
> >
>
>

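The diversion Andrew describes (a widely shipped foo.bar.com certificate and key, plus a spoofed DNS record that sends the "local" connection to a remote machine) has a client-side mitigation: either refuse the hop when the name resolves to anything other than a loopback address, or, better, never consult DNS for that hop at all and connect to the loopback literal while still presenting the name for SNI and certificate checking. The following is an added example written for this thread, not code from any of the posters; the hostname foo.bar.com is taken from the thread, while the port, the CA file argument and the constructed resolver answers are assumptions for the example.

```python
import ipaddress
import socket
import ssl
from typing import Callable, List

# Name taken from the thread: the shipped certificate is for foo.bar.com, which
# is supposed to resolve to the local machine. The port and the CA file passed
# to connect_to_local_service() are assumptions made for this example.
LOCAL_SERVICE_NAME = "foo.bar.com"
LOCAL_SERVICE_PORT = 8443

Resolver = Callable[[str], List[str]]


def system_resolver(hostname: str) -> List[str]:
    """Resolve a host name to its IP address strings with the system resolver."""
    return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})


def _is_loopback(addr: str) -> bool:
    """True for 127.0.0.0/8 and ::1; anything unparsable is treated as untrusted."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False


def resolves_only_to_loopback(hostname: str, resolve: Resolver = system_resolver) -> bool:
    """Return True only if every address the name resolves to is a loopback address.

    A spoofed DNS answer that points foo.bar.com at some other machine shows up
    here as a non-loopback address, so the client can refuse before any TLS
    handshake takes place. An empty or failed lookup is also refused.
    """
    try:
        addresses = resolve(hostname)
    except socket.gaierror:
        return False
    if not addresses:
        return False
    return all(_is_loopback(addr) for addr in addresses)


def connect_to_local_service(ca_file: str,
                             hostname: str = LOCAL_SERVICE_NAME,
                             port: int = LOCAL_SERVICE_PORT) -> ssl.SSLSocket:
    """Open a TLS connection to the loopback address without consulting DNS.

    The TCP connection goes to the literal 127.0.0.1; `hostname` is used only
    for SNI and for matching the name in the presented certificate. Because the
    destination never comes from DNS, spoofing the foo.bar.com record cannot
    redirect this hop. The shipped private key still lets anyone run a server
    that passes the name check, but only where they can already bind the
    loopback port, which the thread treats as a compromised machine anyway.
    """
    # create_default_context() sets check_hostname=True and CERT_REQUIRED.
    context = ssl.create_default_context(cafile=ca_file)
    raw = socket.create_connection(("127.0.0.1", port), timeout=5)
    return context.wrap_socket(raw, server_hostname=hostname)


if __name__ == "__main__":
    # Constructed resolver answers standing in for a healthy and a hijacked record.
    healthy = lambda _name: ["127.0.0.1"]
    hijacked = lambda _name: ["127.0.0.1", "203.0.113.5"]
    print("healthy :", resolves_only_to_loopback(LOCAL_SERVICE_NAME, healthy))   # True
    print("hijacked:", resolves_only_to_loopback(LOCAL_SERVICE_NAME, hijacked))  # False
```

The resolver is injectable so the check can be exercised offline; in the client itself the default system resolver is used. The connect_to_local_service() variant is the stronger of the two, since it removes DNS from the decision entirely rather than checking what DNS said.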