[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fw: IPSec vs. SSL

>In reading the article there appears to be no weakness in the SSL protocol
>itself that is at issue.  What seems to be the concern is that browsers and
>user desktops are easy to thwart and the platform itself may be untrusted.

The obvious problem with SSL as commonly implemented is that there is one-way
authentication, which means that if I can subvert any of the 85 CAs which are
"trusted" by your client's browser and get them to issue me a certificate which
I don't deserve, then I can do an active man-in-the-middle attack.  Subvert is
actually a more semantics-laden word than I need to use here: if I can get some
buggy ASP which gives out freemail certs from one of those 85 CAs to give me an
"www.home.com" cert, then you'll never know what hit you.

Obviously, this is not a defect in the protocol, but for exactly the reasons
that SSL is often chosen (deployment is so simple because it's built into the
browser, interoperability is good, the user doesn't have to do anything, etc.),
it is also vulnerable to that kind of attack.

But because most SSL is done because of the non-existent threat of eavesdropped
credit card numbers, the threat is obviously matched by the cure.


Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Phone: +1 520 324 0494 x101 (v) +1 520 324 0495 (FAX)  
jms@Opus1.COM    http://www.opus1.com/jms    Opus One