[Security] TLS Certificates Verification
dave at cridland.net
Tue Aug 19 14:36:20 CDT 2008
On Tue Aug 19 20:04:44 2008, Jonathan Dickinson wrote:
> The reason I am saying MITM attacks won't work is because:
And here's why they will.
> You are connected to j.o via SSL/TLS. J.o presents a certificate
> that leaves no doubt as to whether or not J.o is indeed j.o.
Right. Key point here:
You trust your client.
That's pretty reasonable.
> J.o is connected to t.g.c (talk.google.com) via SSL/TLS. T.g.c
> presents a certificate to j.o, so that j.o knows it is connected to
Okay, and you can make use of this because you trust jabber.org. Of
course, there's (currently) no mechanism for jabber.org to tell you
it has authenticated t.g.c, and you might not trust jabber.org all
that much - after all, you're encrypting you session to Joe, here,
> T.g.c is connected to joe at t.g.c. When joe connected to t.g.c he was
> presented with a certificate to confirm that he is joe.
Right, true, but unless you trust t.g.c, this is meaningless. t.g.c
might be owned by an evil enterprise, hypothetically, and in the
typical case, you can't really trust them. t.g.c knows it's Joe, and
is telling you it's Joe, but you can't know that at all.
> Thus, at no point can a MTIM hacker create his dummy entity. Or do
> I have the whole set up wrong?
It looks like the latter to me.
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the Security