[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes



Roger Dingledine writes:

> > I know we could SSL sigaint.org, but if it is a state-actor they could just
> > use one of their CAs and mill a key.
> 
> This is not great logic. You're running a website without SSL, even though
> you know people are attacking you? Shouldn't your users be hassling you
> to give them better options? :)
> 
> As you say, SSL is not perfect, but it does raise the bar a lot. That
> seems like the obvious next step for making your website safer for
> your users.

What's more, you can conceivably detect the bad CAs through your own
scans or tests (if your scans can find widespread BadExits, they could
equally find widespread bad CAs whose certs are fraudulently presented
by those same BadExits).  You could also use HPKP pinning with the
report-uri mechanism to have clients tell you when they encounter fake
keys, although it's not clear that you can get a lot of benefit from
that in the default Tor Browser.

People are _very_ interested in knowing about compromised CAs.  So I
encourage people not to just assume that they're numerous and not bother
to use tools to detect them. :-)

-- 
Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk