On 1/8/14 1:44 AM, TheMindwareGroup wrote:
https://wiki.thc.org/ssl
Thank you for linking that resource. It explains the issue really well. I don't think the issue they are describing matches your doom scenario though.
Yes, the CA system sucks horribly. It is best to assume that many of the world's intelligence agencies have a spare sub-CA of their national certificate authority. It goes too far to say that "all SSL streams are compromised". But there exist people that can decide them to be, indeed.
In short ssl is there playground, so even if ssl is used we still cannot trust it cos they can get into any ssl stream they like. Im not sure if this is true, cos i dont know how the key/shared secret is created, but the document hints that it might be based on the servers ssl certificate.
You cannot passively decrypt a stream with a CAs private keys. That key is only used for signing (fake) certificates. You would need the server's private keys, or even the temporarily shared secret in the case of EDH.
An active attack would be necessary to listen in on a stream. Active attacks are resource-limited and at least in case of the NSA, risky. You don't want to show everyone your fake certificate, so your attack must be targeted and used sparingly.
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk