Perfect MITM attack with valid SSL Certs
- To: or-talk@xxxxxxxxxxxxx
- Subject: Perfect MITM attack with valid SSL Certs
- From: "Roc Admin" <onionroutor@xxxxxxxxx>
- Date: Tue, 23 Dec 2008 10:47:44 -0600
http://blog.startcom.org/?p=145
Slashdot and others are reporting on this story about how it was possible for a person to receive a completely valid certificate for a random domain of his choosing without any questions or verification. In this case he generated a certificate for mozilla.com from a reseller of the Comodo certificate authority. I'm hoping this is just a single instance, but it makes you remember that the browser pre-trusted certificate authorities really need to be cleaned up.
If it's not obvious enough, this is not good for Tor users due to the fact that we try to rely on SSL certificates to make sure that traffic isn't sniffed while using Tor.
-Roc Tor Admin