This is not a MITM. A Man-in-the-middle attack assumes a party on the wire, witnessing all communication and able to insert arbitrary text.
Exactly. That's a MITM.
If I connect to 'www.amazon.com' through a MITM, that MITM can do one of two things. He can tamper with the certificate, replacing mine with his own, or he can pass my certificate. Without this check, a MITM could pass his own certificate, and handle both SSL connections (one to the server and one to the client) independently. He could then do whatever he wanted with the plaintext in between.
You're terribly confused. The integrity of the cert is that it's cryptographically signed. A MITM cannot tamper with the cert. A MITM cannot perform the handshake unless he already has the private key associated with the public key bound to the identity in the cert.
A MITM on the wire cannot tamper with the cert, cannot tamper with the handshake results without being detected, etc. SSL is proof against MITM when a server cert is presented.
Otherwise, as I've explained twice now, a MITM from 'www.evilhost.com' could grab any connection to 'www.amazon.com' and present his own certificate. The certificate would seem valid.
The certificate is valid, presumably. You have successfully authenticated www.evilhost.com and have established a secure connection to it. NOW what will you do? That's a matter of trust policy, which has nothing to do with MITM, nothing to do with SSL, etc.
It happens to be a very practical thing that browsers do, and is the correct default behavior, to raise an alert when the cert presented doesn't match the FQDN. But it's your choice at that point.
How am I protected against a MITM if I want to send my
credit card to 'www.amazon.com' but the MITM redirects me to
'www.evilhost.com'?
That's a redirect attack, a hijack, not MITM.
The case of connecting to a different party (hijacking) has nothing whatsoever to do with MITM.
A MITM is a different party! No offense, but do you have any idea what you're talking about?
Back to school, David. MITM is used by cryptographers to refer to an interposer who is able to see all traffic on the wire and inject all traffic between two parties. SSL was specifically designed to be proof against MITM.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
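The check debated in this thread, comparing the names in an already chain-validated certificate against the host the client intended to reach, as an added example that is not part of the original message. The certificate dicts are constructed sample data shaped like the output of Python's `ssl.SSLSocket.getpeercert()`, and the function names are hypothetical.

```python
# Constructed sample certificates (assumed to have already passed chain
# validation), in the dict shape returned by ssl.SSLSocket.getpeercert().
AMAZON_CERT = {
    "subject": ((("commonName", "www.amazon.com"),),),
    "subjectAltName": (("DNS", "www.amazon.com"), ("DNS", "*.amazon.com")),
}
EVIL_CERT = {
    "subject": ((("commonName", "www.evilhost.com"),),),
    "subjectAltName": (("DNS", "www.evilhost.com"),),
}


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate DNS name against a hostname.

    A wildcard is honoured only as the entire left-most label, covers
    exactly one label, and needs at least two fixed labels after it.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def cert_names(cert: dict) -> list:
    """DNS subjectAltNames; commonName is used only when none exist."""
    sans = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ())
            for key, v in rdn if key == "commonName"]


def verify_peer_identity(cert: dict, intended_host: str) -> bool:
    """True only if the certificate names the host the client asked for."""
    return any(dns_name_matches(n, intended_host) for n in cert_names(cert))


if __name__ == "__main__":
    # A valid certificate for another host fails the identity check.
    for cert in (AMAZON_CERT, EVIL_CERT):
        print(cert_names(cert), verify_peer_identity(cert, "www.amazon.com"))
```

In a real client this comparison belongs to the TLS library: Python's `ssl.create_default_context()` enables `check_hostname`, and OpenSSL provides `X509_check_host`.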