[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSL certificates

On Sun, Sep 19, 2004 at 06:26:49PM -0500, Adam Majer wrote:
> Kai Hendry wrote:
> >On Sun, Sep 19, 2004 at 08:03:17PM +0100, Andrew Suffield wrote:
> >  
> >
> >>appreciably secure, and users can't tell the difference anyway. This
> >>doesn't matter because nobody attacks anything worthwhile by capturing
> >>traffic. SSL is basically irrelevant on the modern internet [see
> >>crypto-gram, earlier this year].
> >>    
> >>
> >
> >After searching about I found:
> >http://www.schneier.com/paper-pki-ft.txt
> >http://www.schneier.com/crypto-gram-0401.html Letter from John Viega

Neither of those. I can't remember where it was offhand and don't have
time to go searching right now.

> >Either I am opening a can of worms here or I am wasting time, but what
> >am I or applications supposed to be using then?

There isn't actually a good answer to this.

> >It is a myth that passwords in the plain is a bad idea? Aren't there
> >tools in existence to detect ftp/telnet/insecure authentications?

It's a myth that SSL, as normally used, is an improvement over sending
traffic in the clear. Tools exist to detect and decrypt that too - and
they're even in Debian in some cases (see dsniff for the SSHv1
variation; note that the only reason an SSHv2 variation doesn't exist
is because nobody is quite evil enough to release one, there are no
technical barriers to it, and it's really quite trivial).

You need intelligent users and they need to verify the server
certificate properly for SSL to actually work. That means *not*
trusting the root certificate bundle that came off your unverified CD,
or came on the preinstalled box, and *not* just clicking through the
warning when you get presented with a self-signed certificate.

If the user will accept any plausible looking self-signed certificate
without verifying it, and you are sitting in a place where you can
intercept the traffic (like at the ISP), then a tool similar to dsniff
will evaporate the illusion of security that SSL
provides. Essentially, SSL transfers the problem of security to PKI,
and PKI is an unsolved problem.

> >Does the "modern internet" mean we are packet switched to safety?

Means there are vastly better places to attack than the
client<->server session. Like the server itself. Traffic from you to
the server isn't *secure*, but neither is it easy to capture, so
nobody bothers. They just hit the server.

> It is close enough for most things. There are services that do not
> require SSL, and then there are some that SSL would be a good thing. For
> example, things bugzilla does not need SSL (IMO :) as well as "shopping
> carts". What you need SSL is for things like credit card processing or
> login in into your remote box.

Nobody steals credit card numbers by capturing traffic from you to the
server. It's difficult and ineffective and slow, even if the session
isn't encrypted. They crack the server and steal hundreds of thousands
at once.

This was *precisely* the example Schneier gave in crypto-gram. SSL
just does not matter, so it's not really a big deal that it isn't
really secure.

  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

Reply to: