From: Jeremey Barrett <jeremey@forequest.com>
To: pgut001@cs.auckland.ac.nz
Message Hash: 7730748cad898905ba2de258001ee0d60fc8b47209c85fbafe5f909bf596b013
Message ID: <Pine.BSI.3.93.960808145842.6124A-100000@descartes.forequest.com>
Reply To: <83952437618205@cs26.cs.auckland.ac.nz>
UTC Datetime: 1996-08-09 06:08:01 UTC
Raw Date: Fri, 9 Aug 1996 14:08:01 +0800
From: Jeremey Barrett <jeremey@forequest.com>
Date: Fri, 9 Aug 1996 14:08:01 +0800
To: pgut001@cs.auckland.ac.nz
Subject: Re: An SSL implementation weakness?
In-Reply-To: <83952437618205@cs26.cs.auckland.ac.nz>
Message-ID: <Pine.BSI.3.93.960808145842.6124A-100000@descartes.forequest.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 9 Aug 1996 pgut001@cs.auckland.ac.nz wrote:
> The following weakness seems very obvious, I've got a partial writeup of this
> but before I turn it into a paper or something and arrange a demonstration of
> how it would work I thought I'd check to make sure (a) someone else hasn't
> mentioned it before, and (b) it is actually possible (it seems too simple to
> be true):
>
> 1. Using DNS spoofing, stage a hostile takeover of an address (for example
> using bogus referrals set yourself up as the delegated server for a DNS
> subtree).
> 2. Get a Verisign certificate for an arbitrary company and set up a bogus site
> at the stolen address.
>
> Lets say you steal www.megafoobarcorp.com. People connect to this site (which
> is actually your bogus site), Netscape (for example) displays the blue line
> and non-broken key (which is actually for your J.Random certificate rather
> than the real megafoobarcorp one) to show the connection is secure, and you've
> just subverted their site.
The domain in the server's certificate will not match the domain on the url,
i.e. the certificate will say www.eve.com and the url will be
www.megafoobarcorp.com. Netscape does and should complain about this,
and that particular warning cannot be turned off. Now it is quite possible
that the user will ignore the warning or not fully understand it, and
proceed, but if the user pays attention to those sort of warnings, the
switch will be detected.
Now maybe if you got a certificate for a very similar domain name, the user
might be more likely to ignore the warning.
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jeremey Barrett
Senior Software Engineer jeremey@forequest.com
The ForeQuest Company http://www.forequest.com/
"less is more."
-- Mies van de Rohe.
Ken Thompson has an automobile which he helped design. Unlike most
automobiles, it has neither speedometer, nor gas gage, nor any of the
numerous idiot lights which plague the modern driver. Rather, if the
driver makes any mistake, a giant "?" lights up in the center of the
dashboard. "The experienced driver", he says, "will usually know
what's wrong."
-- 'fortune` output
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMgpmWy/fy+vkqMxNAQEZfQP8C69iVqCdXBudh8N2UIlLVew65Yi8lkad
Wjnsur/vsFbsGQZBOvh5IBshJkLBYPZPL2Q92Zi14Xcir8/Ld18N8kFShQ97id5l
npXMcY7ncFnfeohdwhIJdDgzaNYK9i/eVeb90JVPh/cV89xw9BnXv4h/7xW3ul+j
xp/m1oyRZ/w=
=Tsus
-----END PGP SIGNATURE-----
Return to August 1996
Return to “The Deviant <deviant@pooh-corner.com>”