PaulDotCom mailing list archives
SSL certification chain caching
From: jim.halfpenny at gmail.com (Jim Halfpenny)
Date: Mon, 19 Apr 2010 21:00:32 +0100
Hi all,

Given all of the talk round SSL, root certs, MitM attacks I got to thinking about how to mitigate this. I read the paper by Christopher Soghoian and Sid Stamm (http://files.cloudprivacy.net/ssl-mitm.pdf) and there are some obvious flaws in the Trust On First Use concept, particularly if you are on a high risk network or in a high risk country with draconian Internet censorship like Australia.

So why not compile a list of the SSL certificates in the wild and the chain of CA certificates? If a certificate, the CA chain or other metadata differ significantly from the cached version, raise a flag or score the likelihood of it being compromised/altered/Chinese.

+10 for a new cert
+50 for a new CA cert in the chain
+666 for signed by a nation state CA

Yes, the major fatal flaw is again trust; do you want to start depending on a 3rd party to vet your SSL certificates? The key factor is not depending solely on the CA to verify authenticity; querying certificate repositories (think http://pgp.mit.edu) in addition to checking the SSL certificate could offer another layer of defense. Offline databases could be disseminated out of band so end users could examine their SSL connections for MitM tampering in hostile environments.

I've lots of ideas and am working on some of them at the moment, any suggestions, advice and help welcome!

Regards,
Jim
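The scoring idea in the message above, sketched as an added example that is not part of the original post. The three weights come from the post; the function names, the use of SHA-256 fingerprints, counting +50 once per new CA certificate, and the user-supplied `flagged` set are assumptions, and the byte strings are constructed stand-ins for DER certificates.

```python
import hashlib

# Weights taken from the post; everything else here is an assumption.
NEW_LEAF, NEW_CA, FLAGGED_CA = 10, 50, 666


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()


def score_chain(cached, observed, flagged=frozenset()):
    """Score an observed chain (leaf first) against the cached chain.

    cached / observed: lists of DER certificates, leaf at index 0.
    flagged: fingerprints of CAs the user has chosen to distrust.
    Returns (score, reasons).
    """
    if not observed:
        raise ValueError("observed chain is empty")
    seen = [fingerprint(c) for c in observed]
    known = [fingerprint(c) for c in cached]
    score, reasons = 0, []
    if not known:
        # First sighting: there is no baseline, so only the flagged check applies.
        reasons.append("no cached chain for this host; nothing to compare")
    else:
        if seen[0] != known[0]:
            score += NEW_LEAF
            reasons.append("new leaf certificate")
        for fp in seen[1:]:
            if fp not in known[1:]:
                score += NEW_CA
                reasons.append("new CA certificate " + fp[:16])
    if any(fp in flagged for fp in seen[1:]):
        score += FLAGGED_CA
        reasons.append("chain contains a flagged CA")
    return score, reasons


# Constructed stand-ins for DER certificates (not real certificates).
LEAF_A, LEAF_B = b"leaf-2009", b"leaf-2010"
INTERMEDIATE, ROOT = b"intermediate-1", b"root-1"
OTHER_INT, OTHER_ROOT = b"intermediate-x", b"root-x"
CACHED = [LEAF_A, INTERMEDIATE, ROOT]

if __name__ == "__main__":
    print(score_chain(CACHED, [LEAF_B, INTERMEDIATE, ROOT]))   # routine renewal
    print(score_chain(CACHED, [LEAF_B, OTHER_INT, OTHER_ROOT],
                      {fingerprint(OTHER_ROOT)}))              # whole chain replaced
```

A leaf renewal under the same CAs scores low, while a replaced chain accumulates the per-CA and flagged-CA weights, which is the separation the post is after.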