[Security] Rogue CAs

Jonathan Schleifer js-xmpp-security at webkeks.org
Wed Dec 31 11:02:42 CST 2008


"Eric Rescorla" <ekr at rtfm.com> wrote:

> It's odd you'd focus on this, since (1) there are still OpenSSH keys
> that were generated with insecure PRNGs out there and (2) this
> is the case that's easiest for the clients to detect, since all the
> keys are known.

Well, I focus on that because I only use SSH for *MY* servers, but SSL
also for servers owned by someone else. So for SSH, that's easy to fix
for me ;).

> Regardless of what you consider, people still use it all the time, so
> security issues in online banking are extremely relevant.

But maybe they shouldn't use it at all.

> > Sure then can, and I never said something else. But all that will
> > take time. Likely, a long time.
> 
> Perhaps, but this is true for *every* vulnerability. There's nothing
> special about this one.

But this one is especially severe and will take especially long.

> What, you've never heard of viruses? The idea here is you write a
> virus/worm that installs a keylogger. Then you don't have to MITM.

I guess on an event like 25c3, you can't write a worm that easily. Most
there know their system and have secured it to their best knowledge.
It's very unlikely that you will find an exploit that will work on more
machines than you would get using MITM.

> Yes, you need to keep reading past the first few paragraphs:
> 
> "Affected keys include SSH keys, OpenVPN keys, DNSSEC keys, and key
> material for use in X.509 certificates and session keys used in
> SSL/TLS connections.  Keys generated with GnuPG or GNUTLS are not
> affected, though."

Ok, but anyway, this is a Debian-only issue and you said there's a
vulnerability. So now I'm curious to know which :). I only know of the
flaw when using CBC.

-- 
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/security/attachments/20081231/1d4cc425/attachment.pgp 


More information about the Security mailing list