Bugtraq mailing list archives

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory


From: pgut001 () cs auckland ac nz (Peter Gutmann)
Date: Sat, 09 Aug 2008 05:49:42 +1200

Eric Rescorla <ekr () networkresonance com> writes:

> It's easy to compute all the public keys that will be generated
> by the broken PRNG. The clients could embed that list and refuse
> to accept any certificate containing one of them. So, this
> is distinct from CRLs in that it doesn't require knowing
> which servers have which cert...

You'd also end up with a rather large list for the client to carry around, 
which would be especially problematic for lightweight clients.  You'd need to 
represent it as something like a Bloom filter to avoid this (given that most 
users will just click OK on invalid certs, the small false positive rate 
shouldn't have much effect either :-).

Peter.
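
The Bloom-filter representation suggested above, as an added example that is not part of the original message or of any project's code. The key bytes are constructed stand-ins rather than real key material, and the list size, the target false-positive rate and the 20-byte fingerprint used for the size comparison are assumptions.

```python
import hashlib
import math


class KeyBloomFilter:
    """Bloom filter over public-key bytes, for a client-side weak-key check."""

    def __init__(self, expected_keys, fp_rate):
        # Standard sizing: m = -n ln p / (ln 2)^2 bits, k = (m/n) ln 2 hashes.
        self.m = math.ceil(-expected_keys * math.log(fp_rate) / math.log(2) ** 2)
        self.k = max(1, round(self.m / expected_keys * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, pubkey):
        # Double hashing: derive k bit positions from two halves of one digest.
        d = hashlib.sha256(pubkey).digest()
        h1 = int.from_bytes(d[:16], "big")
        h2 = int.from_bytes(d[16:], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, pubkey):
        for p in self._positions(pubkey):
            self.bits[p >> 3] |= 1 << (p & 7)

    def __contains__(self, pubkey):
        return all(self.bits[p >> 3] & (1 << (p & 7)) for p in self._positions(pubkey))


def constructed_key(label, i):
    # Constructed stand-in for encoded public-key bytes; not real key material.
    return hashlib.sha512(f"{label}-{i}".encode()).digest()


def demo(n_weak=20000, n_probe=20000, fp_rate=0.001):
    bf = KeyBloomFilter(n_weak, fp_rate)
    for i in range(n_weak):
        bf.add(constructed_key("weak", i))
    # A listed key is never missed; an unlisted key is occasionally flagged.
    missed = sum(constructed_key("weak", i) not in bf for i in range(n_weak))
    false_pos = sum(constructed_key("good", i) in bf for i in range(n_probe))
    return {
        "filter_bytes": len(bf.bits),
        "raw_list_bytes": n_weak * 20,  # plain list of 20-byte fingerprints
        "hashes": bf.k,
        "missed_weak_keys": missed,
        "observed_fp_rate": false_pos / n_probe,
    }


if __name__ == "__main__":
    print(demo())
```

The filter has no false negatives, so every listed key is rejected; the false-positive rate is the tunable cost of shrinking the list the client carries.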

