[Users] [Bug 2738] Erroneous rotation of SSL certificates
Colin Leroy
colin at colino.net
Fri Sep 28 19:49:48 CEST 2012
On 28 September 2012 at 12h57, ratinox at gweep.net wrote:
Hi,
> > 'correct'. If it wants to bark about it, it should do so in a
> > functional way which enhances security and is usable. What it
>
> Automatically accepting multiple certificates for a socket is a
> security risk. For example, a certificate obtained from a compromised
> CA can be used in MITM attacks. DigiNotar revealed last year that it
> was tricked into issuing a valid wild card SSL cert for Google. Prior
> to that, Comodo revealed that it had been tricked into issuing valid
> certificates for Google, Yahoo and Skype.
>
> >From an algorithmic perspective there is no difference between
> >Google's
> "rotating" of SSL certificates and a third party MITM attack using a
> valid but illegal certificate on a spoofed IP. The trust chains link
> back to valid CAs and valid signatures. The only reliable way to
> determine a certificate's authenticity is using the Mark I Eyeball to
> compare certificates to known and verified goods every time the
> certificates change. Anything else leaves your accounts
> silently vulnerable to MITM attacks.
Thanks for your comment, which explains things better than I would
have done :) I'm going to paste it on the bug report.
--
Colin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: not available
URL: <http://lists.claws-mail.org/pipermail/users/attachments/20120928/6b02abf3/attachment.sig>
More information about the Users
mailing list