Bugtraq mailing list archives
Re: "The End of SSL and SSH?"
From: Damien Miller <djm () MINDROT ORG>
Date: Thu, 21 Dec 2000 13:36:24 +1100
On Wed, 20 Dec 2000, Crispin Cowan wrote:
> * SSH: punts the whole problem, and makes the users responsible for initial key placement. Brilliant & lame at the same time, this has allowed SSH to spread rapidly, because it is much easier to install than most other secure remote access/VPN solutions. To be really secure, you can sneakernet (floppy disk) your initial key onto all the nodes you want. You can also punt, and use insecure means to place the initial keys: SSH warns you that you're subject to a man-in-the-middle attack when you do that.
OpenSSH (and maybe others) print fingerprints when previously unknown host keys are presented. This allows for OOB veracity checking. I have seen a few PGP signed SSH host keys and SSH host keys served from webservers with "real" certificates, so 'cross-PKI' is another way around the problem.
> SSH and SSL are in my opinion poor implementations of security protocols; they also lack a lot of things such as repudiation/etc. To believe they are the best we can do makes me very sad. I suspect in 5 years we'll talk about ssh/ssl like we talk about telnet right now.

They may be bad protocols (or good; I'm not a crypto protocol guy) but not for the reason you're presenting. The issue you bring up is endemic to all crypto protocols.

His argument in the case of SSL isn't even correct - CRLs and OCSP are extant, if not pretty or widely deployed, repudiation mechanisms.

-d

--
``We've all heard that a million monkeys banging on a million typewriters will eventually reproduce the works of Shakespeare. Now, thanks to the Internet, we know this is not true.'' - Robert Wilensky UCB
Damien Miller - <djm () mindrot org> - http://www.mindrot.org
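The out-of-band fingerprint check Damien describes (the client prints a fingerprint of an unknown host key, the admin compares it against a value obtained through a trusted channel) is illustrated below as an added example; it is not code from the original post or from OpenSSH. The sample key is a constructed ssh-ed25519 blob with fixed bytes, not a real host key, and the pinned fingerprints are assumed to have arrived by a channel you already trust.

```python
import base64
import hashlib
import hmac
import struct

def ssh_string(data):
    """Encode bytes as an SSH wire-format string (uint32 length + bytes)."""
    return struct.pack(">I", len(data)) + data

def parse_openssh_pubkey(line):
    """Parse a 'type base64blob [comment]' line (known_hosts / host key file
    format) and return (key_type, raw_blob), checking that the type declared
    in front matches the type embedded at the start of the blob."""
    parts = line.strip().split()
    if len(parts) < 2:
        raise ValueError("malformed public key line")
    key_type, blob = parts[0], base64.b64decode(parts[1], validate=True)
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode("ascii"):
        raise ValueError("key type in blob does not match declared type")
    return key_type, blob

def fingerprint_md5(blob):
    """Legacy OpenSSH fingerprint (the 2000-era format): 16 colon-separated hex bytes."""
    return ":".join("%02x" % b for b in hashlib.md5(blob).digest())

def fingerprint_sha256(blob):
    """Modern OpenSSH fingerprint: 'SHA256:' + unpadded base64 of the digest."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")

def verify_host_key(line, pinned):
    """Return True iff the presented key matches a fingerprint the admin
    obtained out of band (phone call, PGP-signed mail, sneakernet)."""
    _, blob = parse_openssh_pubkey(line)
    computed = fingerprint_sha256(blob) if pinned.startswith("SHA256:") else fingerprint_md5(blob)
    # compare_digest avoids leaking how many characters matched via timing.
    return hmac.compare_digest(computed, pinned)

# Constructed sample (NOT a real host key): 32 fixed bytes wrapped in the
# ssh-ed25519 wire format, presented the way sshd would send it.
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
SAMPLE_LINE = "ssh-ed25519 %s constructed-example" % base64.b64encode(SAMPLE_BLOB).decode("ascii")

if __name__ == "__main__":
    print(fingerprint_md5(SAMPLE_BLOB))
    print(fingerprint_sha256(SAMPLE_BLOB))
```

Both the declared-type check and the constant-time comparison matter: a substituted key of a different algorithm, or a fingerprint that merely shares a prefix, must fail the same way a wrong key does.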