Re: [TLS] TLS document status update
> To recap, the attack looks like this:
>
> 1. Alice gets a certificate with key pair K_pub, K_priv.
> 2. The attacker gets his own certificate with K_pub, K_priv
> under his own name.
> 3. Alice connects to the server and offers to authenticate
> using certificate_url.
> 4. The attacker intercepts the server's connection to the
> URL provided by Alice and substitutes his own certificate.
> 5. The server now thinks that any data sent by Alice was
> actually sent by the attacker.
But won't the CertificateVerify message fail since the attacker
has a different private key than Alice?
In any case, maybe the data that needs to be sent is not the
hash of the certificate, but rather the identity the client
wants to authenticate as. This could be the subject DN, or
SAN from the certificate. An advantage of using that is that
it is invariant even as the actual certificate is periodically
reissued.
Mike
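As an added illustration (editor's example, not code from the thread), a simplified Python model of the server-side checks under discussion: the CertificateVerify signature check, the RFC 6066 certificate hash sent with the URL, and the identity binding Mike proposes. The Cert class and its byte encoding are constructed stand-ins rather than real X.509/DER, and the signature check is modelled as an equality on the public key because that is the only certificate field the verification depends on.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for an X.509 certificate (not real DER)."""
    subject: str   # e.g. the subject DN
    spki: bytes    # SubjectPublicKeyInfo bytes, i.e. the public key

    def der(self) -> bytes:
        # Deterministic byte encoding so the certificate can be hashed.
        return self.subject.encode() + b"\x00" + self.spki


def cert_hash(cert: Cert) -> bytes:
    # RFC 6066 pairs each URL with a SHA-1 hash of the DER certificate so the
    # server can check that what it fetched is what the client meant.
    return hashlib.sha1(cert.der()).digest()


def certificate_verify_ok(presented: Cert, signer_spki: bytes) -> bool:
    # The server checks CertificateVerify against the public key in the
    # certificate it holds; the subject name plays no part in that check.
    return presented.spki == signer_spki


def server_checks(declared_hash: bytes, declared_subject: str,
                  fetched: Cert, signer_spki: bytes) -> dict:
    """Outcome of each binding the server could enforce on the fetched cert."""
    return {
        "certificate_verify": certificate_verify_ok(fetched, signer_spki),
        "hash_binding": hmac.compare_digest(cert_hash(fetched), declared_hash),
        "identity_binding": fetched.subject == declared_subject,
    }


# Constructed sample: Alice's key pair is represented by its SPKI bytes only.
ALICE_SPKI = b"constructed-spki-bytes-for-alice"
alice = Cert("CN=Alice", ALICE_SPKI)
mallory = Cert("CN=Mallory", ALICE_SPKI)   # same public key, different name


def substitution_outcome() -> dict:
    # Alice declared her own certificate; the server fetched Mallory's instead.
    return server_checks(cert_hash(alice), "CN=Alice", mallory, ALICE_SPKI)
```

With the substituted certificate, only the signature check passes; both the hash binding and the identity binding reject it, while all three pass when the fetched certificate is Alice's own.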
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls