[Security] Rogue CAs
ekr at rtfm.com
Wed Dec 31 08:49:40 CST 2008
On Wed, Dec 31, 2008 at 6:29 AM, Jonathan Schleifer
<js-xmpp-security at webkeks.org> wrote:
> Pedro Melo <melo at simplicidade.org> wrote:
>> I'm no expert but this seems pretty bad:
>> Best regards,
> Yup, SSL is pretty much dead now.
See my writeup here:
> First CAs not checking whom they
> issue the cert, then CAs still using MD5. At 25c3, I even tunnelled all
> SSL-connections through SSH, as you can't rely on SSL anymore.
Uh, there have been a grand total of two certificates that we know of being
issued to the wrong people. That's hardly the end of the world. Yes, I
totally agree that CA procedures could be significantly tighter, but I
think "can't rely" is rather too strong.
Additionally, the only part of SSL/TLS that this stuff implicates is
a feature SSH doesn't even have, namely third party authentication.
If you want to run SSL/TLS in a mode where you know the peer's key
already, it doesn't matter what the CAs do.
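
The mode described in the last paragraph, as an added example that is not part of the original post: a Python client that accepts a server only if its certificate matches a fingerprint obtained in advance, with CA validation switched off. The names `connect_pinned`, `pin_matches` and `PinMismatch` are hypothetical, and pinning the whole leaf certificate (rather than only the public key inside it) is an assumption made to stay within the standard library.

```python
import hashlib
import socket
import ssl


class PinMismatch(Exception):
    """The peer presented a certificate other than the pinned one."""


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, pinned: str) -> bool:
    """Compare against a pin given as hex, with or without ':' separators."""
    want = pinned.replace(":", "").strip().lower()
    return fingerprint(der_cert) == want


def connect_pinned(host: str, port: int, pinned: str,
                   timeout: float = 10.0) -> ssl.SSLSocket:
    """Open a TLS connection that trusts only the pinned certificate.

    Chain and hostname checks are disabled on purpose: trust comes from the
    pin alone, so a certificate issued by any CA for this name is rejected
    unless it is the exact one we already know.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    der = tls.getpeercert(binary_form=True)  # raw DER, returned even unvalidated
    if der is None or not pin_matches(der, pinned):
        tls.close()
        raise PinMismatch(f"{host}:{port} presented an unpinned certificate")
    return tls  # send application data only after the pin check has passed


if __name__ == "__main__":
    # Constructed stand-in bytes, not a real certificate.
    known = b"constructed stand-in for the server's DER certificate"
    pin = fingerprint(known)
    print(pin_matches(known, pin), pin_matches(b"some other certificate", pin))
```

The pin has to reach the client over a channel that does not depend on the CA system, and it has to be updated whenever the server's certificate is replaced.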