Author: Gregory Maxwell 2013-12-08 20:50:29
Published on: 2013-12-08T20:50:29+00:00
In a discussion about the security of SSL, Drak stated that SSL makes BGP redirection useless because the browser holds the signatures of trusted CAs, so an attacker cannot spoof a certificate unless it is signed by a trusted CA. However, another contributor pointed out that this is not entirely true, because there are CAs that will issue a certificate to anyone who can respond to HTTP requests on behalf of the domain from the perspective of the CA. This means that an attacker can perform a MITM attack by intercepting traffic after the CA has signed their certificate. The CA verifies only that the requester can control the site; it does not verify identity. The contributor offered to demonstrate this attack and to provide a proxy that passes on :80 and :443 in order to obtain a cert with the domain name. This tangent aside, checking offline signatures on the binaries remains important even with SSL.
Updated on: 2023-05-19T17:53:30.014668+00:00