> I do not believe there is an error in my logic.
> You are using the client's trust of the Proxy
> to bootstrap whether or not the client trusts
> the Host with whom it is attempting to communicate
> securely.

        If I put 'www.foo.com' in my browser, I want to make sure I reach the
server owned/operated by 'www.foo.com'. I'm willing to take whatever data
'www.foo.com' sends me as I have no control over where they get the data
they send me. That is the sole purpose of the certificate. 'www.foo.com' can
do anything at all. It can get data from other sources I don't trust, all
the certificate assures me is that whatever content I do see has been
blessed by 'www.foo.com'.

        The proxy does not change this. The proxy *is* 'www.foo.com'. The
certificate assures me the data does come from 'www.foo.com'. I have no
control over where 'www.foo.com' gets its data from, that's 'www.foo.com's
job, or in this case, that's the proxy's job.

> If the Proxy server becomes compromised, the Proxy
> will continue to be trusted by the clients even
> though all of the data exchanged between the Client
> and the Host will now be visible to an attacker. Or
> worse the proxy can redirect to a host which is not
> even yours.

        *Any* host can do this. If 'www.amazon.com' becomes compromised, then
anyone can see the data I see when I punch in 'https://www.amazon.com' and
see a lock icon. All the certificate assures me is that 'www.amazon.com'
takes responsibility for my content.

> In my mind, the Client should not care one bit
> about the identity of the Proxy,

        That's like saying I shouldn't care whether a news story was in the Sun or
the New York Times. The proxy is the publisher. The publisher puts his
reputation on the story. My decision to trust the story is based upon the
credibility of the publisher, not the author. (An author can write stories
for both the Times and the Sun; I would expect their trustworthiness to
differ.)

> the Proxy should
> simply be acting as a packet forwarder through
> which the SSL/TLS session between the Client and
> the Host is negotiated.  Now what I see as your
> problem is that the Client (being a standard browser)
> is not going to trust the certificates which you
> are using for Host identification.

        You misunderstand. In this case, the servers are like authors, the proxies
are like publishers. The job of the proxy is to validate the author's
credentials.

> Assuming that the Proxy has not fallen into the wrong
> hands is like assuming you will never be attacked.  The
> point of security analysis of protocols is to determine
> where the weak points are and how those weak points
> could result in data compromise if they were to fail.

        Anything past the host is always beyond the scope of the authentication
scheme. The HTTPS protocol doesn't provide any assurance other than that the
content you see was 'blessed' by the host you entered in the URL. This
scheme preserves that assurance.

        DS
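The two-hop trust model argued for above, as an added example that is not part of the original post or of any OpenSSL code: the browser verifies the proxy as 'www.foo.com', and the proxy, acting as the "publisher", must itself verify the origin it fetches from before forwarding anything. The origin hostname, port and CA bundle path are hypothetical placeholders; the weak context shows the configuration the reply warns against (a forwarder that does not check who it is talking to) beside the corrected one.

```python
"""
Two-hop trust for a TLS-terminating proxy (added example, not from the post).

Leg 1 (downstream): the proxy presents the 'www.foo.com' certificate to the
browser. The browser's check ends here; it has no view of what lies behind.
Leg 2 (upstream): the proxy fetches from the origin and must verify *that*
certificate itself, or a compromised DNS/router hands it any server at all.
"""
import socket
import ssl

# Hypothetical names; none of these appear in the original message.
ORIGIN_HOST = "origin.foo.example"
ORIGIN_PORT = 443
ORIGIN_CA_BUNDLE = None   # PEM bundle for the origin's CA; None = system store


def downstream_context(certfile: str, keyfile: str) -> ssl.SSLContext:
    """Context the proxy presents to browsers: toward them it *is* www.foo.com."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_cert_chain(certfile, keyfile)
    return ctx


def upstream_context(ca_bundle=ORIGIN_CA_BUNDLE) -> ssl.SSLContext:
    """Corrected setting: the proxy verifies the origin's chain and hostname.

    create_default_context already sets CERT_REQUIRED and check_hostname; they
    are restated here so the policy is visible, and the trust store is pinned.
    """
    ctx = ssl.create_default_context(cafile=ca_bundle)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    return ctx


def weak_upstream_context() -> ssl.SSLContext:
    """Weak setting: a 'packet forwarder' that accepts any origin certificate.
    (check_hostname must be cleared before verify_mode can be set to CERT_NONE.)
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def enforces_origin_identity(ctx: ssl.SSLContext) -> bool:
    """True only if the upstream leg both validates the chain and matches the
    name, i.e. the proxy is actually doing the 'publisher's' job."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def fetch_from_origin(ctx: ssl.SSLContext, host: str, port: int,
                      request: bytes, timeout: float = 5.0) -> bytes:
    """Open the upstream leg and return the raw response bytes.

    Refuses to use a non-verifying context before any packet is sent, and
    fails closed: a chain or hostname mismatch raises
    ssl.SSLCertVerificationError inside wrap_socket, so nothing is forwarded.
    """
    if not enforces_origin_identity(ctx):
        raise ValueError("upstream context does not verify the origin; refusing to forward")
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(request)
            chunks = []
            while True:
                data = tls.recv(4096)
                if not data:
                    break
                chunks.append(data)
            return b"".join(chunks)


if __name__ == "__main__":
    # Real network use (hypothetical origin); the policy checks above run offline.
    req = b"GET / HTTP/1.0\r\nHost: " + ORIGIN_HOST.encode() + b"\r\n\r\n"
    print(fetch_from_origin(upstream_context(), ORIGIN_HOST, ORIGIN_PORT, req)[:200])
```

The point of the guard in fetch_from_origin is that the decision is made by the proxy, not by the browser: once the browser has accepted the 'www.foo.com' certificate, nothing on its side can detect a proxy that skipped verification of the origin.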


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]