[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: HTTPS everywhere!

On Wed, 2014-06-18 at 15:29 +0200, Vincent Lefevre wrote: 
> At least you
> need some 3rd party to check certificate revocation. But if it is
> malicious, it could tell you that the certificate has been revoked
> (even if it isn't), and you have the same problem as now... well,
> almost.

It's actually worse the other way round:
Per definition you blindly must trust some 3rd party to check for
- in X.509 this is your CRL or OSCP ...
- in OpenPGP this is your keyserver...

In BOTH cases you have the problem that someone else (namely the CA
respectively the keyserver operator) can do blocking/downgrading
attacks, i.e. not presenting the revocation at all, or giving some older
state of your key/signatures.

In the X.509 case you have the additional problems that:
- both CRL/OSCP are technically fragile
- at least some browsers (all?) don't check for it per default

In OpenPGP you have the additional problems that:
- at least until know communication with the keyservers is usually
unsecured: so not only the keyserver operator can attack you, but anyone
else that can MitM.
- there are gazillions of keyserver operators (like me) and OpenPGP
implemntations usually default to some pool of keyservers... so in the
end you do not only have to trust one 3rd party (like - at least
technically - with X.509) but ??? 3rd parties to give you the correct


Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to: