Vulnerability Development mailing list archives

Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI


From: Eric Knight <deceased1 () HOME COM>
Date: Tue, 15 Aug 2000 15:08:02 -0600

Mr. Vandevenne:

- is mail server compromise really needed? I imagine simple sniffing
could achieve the same result - one doesn't need to get the mail in
mail format to use the information and as far as detection of the
problem is concerned, it will be detected soon enough after the
original key is revoked anyway

I wasn't thinking in those terms, but I see you are absolutely correct.
This method might leave some evidence behind that the compromise had
happened, but is probably unnecessary for the forging process to complete
and action to be taken.  In fact, I see that the network compromise can
occur anywhere between the SOA and the destination, including redirected
traffic.  That does make the overall attack considerably stronger and takes
a lot of control away from the victim.

- imho, it is again convenience vs security - assuming a government
would handle the initial certification better, and they probably would,
I wouldn't trust them more than the commercial entities if they started
to implement a web interface to their databases.

Agreed.  I'm not trying to make an argument for government PKI, however.
I'm not ready to accept any side in this matter until I can see something
compelling.  Debating which of the three should be picked over the other is
probably just a moot argument -- each one probably is superior in its own
specialized environment.

On the form...

- you mix passphrase / password sometimes, with the result that I don't
know which is which at some point

Sorry, Pass Phrase was introduced by VeriSign's web page, probably trying to
convince people to pick longer "authentication strings" than a single word
in order to cover for the "do not use punctuation" line.  I can envision the
MD5 or SHA-1 hash on the backend that allows long phrases, and maybe
UserTrust uses DES which is why they have 8 digits or less.  Password is the
convention, but remains a misleading industry buzzword.  I'll standardize
it.

As far as the real problem is concerned, I liked the approach taken by
the global trust register much better - the different certification
levels are not linked to the amount of money paid but to the amount of
verifications carried out.

http://www.cl.cam.ac.uk/Research/Security/Trust-Register/book.html

GlobalSign did seem like they were going at things the right way, they went
at length describing their processes and did an excellent job of explaining
their authentication practices.  My concern is that to revoke/replace the
key didn't have a similar re-authentication method.  I'm going to hammer at
the GTR idea here for a bit, I'll get back to you on that.

Thanks for your comments,

Eric Knight
knight () securityparadigm com

