[cap-talk] Firefox breaks the principle of identifiability
Ian G
iang at systemics.com
Tue Feb 8 14:47:12 EST 2005
Tyler Close wrote:
>On Feb 8, 2005, at 10:34 AM, Ian G wrote:
>
>>list at waterken.net wrote:
>>
>>>On Feb 7, 2005, at 8:43 PM, Ben Laurie wrote:
>>>
>>>>The Shmoo example does not demonstrate anything about PKI (though it
>>>>is true that the particular CA chosen doesn't tell you much about
>>>>who bought the certificate, which would strike me as a fairly
>>>>effective prevention of the attack - the CA was, however, chosen
>>>>for cheapness, not usefulness).
>>>
>>>So you view the Shmoo example [1] as a showcase of the PKI providing
>>>effective prevention against a phishing attack?
>>>
>>No. Shmoo doesn't say anything about phishing
>>that hasn't already been said before.
>
>Just to be clear, what do you think Shmoo says about phishing?
>
The same thing that paypa1.com says about
phishing. I suppose you could say, phishing
is possible, and here's one way to do it? If
you would like to attribute that to Shmoo, fine,
but digits have been around longer than IDNs.
As has phishing.
I'm somewhat mystified as to what the point
is here.
>>And it doesn't say anything that I can see about PKI.
>
>Pardon my deliberateness here, but I am just stunned.
>
>It is your position that the Shmoo https link which spoofs the
>paypal.com site is not an attack on the use of PKI on the WWW?
>
No. That is not my position. That's easy
to say because I have no positions, only
interests.
>>And PKI doesn't cover phishing.
>
>In your worldview, is phishing an attack against server authentication
>on the WWW?
>
No. It would be better characterised as an
attack on the browsing security model. In
almost all phishing attacks, the attacker
declines to invoke any server authentication
at all, so saying that it is an attack against
the authentication isn't quite right, it's a
bypass. (Which is not to say that I wouldn't
be as loose with the language myself in
another forum!)
>Are you saying that PKI is not expected to provide server
>authentication on the WWW?
>
There are several sorts of phishing. The major sort
of phishing that most worry about - and I have put
most of my thoughts into - can be characterised as
presenting a FORM that is in some sense misrepresented.
In some cases this may take the form of pretending to
be a website that it is not. In that case, the advertised
purpose of HTTPS and the secure browser system was
partly to avoid that scenario. In this it fails.
However it partly fails because it is too easy to ignore,
and that's not PKI's fault. It's sitting there waiting for
the requests, just like other components.
Just forcing most phishers to use HTTPS would be
an improvement. Then, those that provide certificates
that trick the user (however they do it - by the Shmoo
technique or any other) would be said to have broken
the PKI model in a frontal attack.
But for now, nobody bothers to attack PKI. So the
Shmoo thing says nothing about PKI, or at least, that's
a reasonable simplification.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
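The thread's point that `paypa1.com` and an IDN look-alike say the same thing about phishing, and that a certificate for such a name would be issued for the name actually on the wire, can be made concrete. The following is an added example, not code from the original post or from anyone in the thread. It takes a hostname as the user sees it, shows the ASCII wire form (the string a certificate would be issued for), flags labels that mix Unicode scripts, and collapses a small, constructed table of look-alike characters (an illustrative subset, not the full Unicode confusables data) to compare the name against a trusted one. The Cyrillic-a host used as sample input is constructed here to stand for the IDN homograph kind of spoof the thread refers to; the function names and the `trusted` parameter are assumptions of this example.

```python
import unicodedata

# Constructed mapping of a few characters to the letter they resemble.  This is
# an illustrative subset written for this example, not the full Unicode
# confusables table.
CONFUSABLES = {
    "1": "l", "0": "o", "5": "s",                  # ASCII digits
    "\u0430": "a", "\u0435": "e", "\u043e": "o",   # Cyrillic a, e, o
    "\u0440": "p", "\u0441": "c", "\u0443": "y",   # Cyrillic p, c, y
}


def wire_form(host: str) -> str:
    """The hostname as it goes on the wire and into a certificate: ASCII,
    with any non-ASCII label converted to punycode (xn--...)."""
    return host.encode("idna").decode("ascii")


def scripts_in_label(label: str) -> set:
    """Unicode scripts used by the letters of one DNS label.  Digits and the
    hyphen are script-neutral and ignored; the script is taken from the first
    word of the character's Unicode name (LATIN, CYRILLIC, GREEK, ...)."""
    scripts = set()
    for ch in label:
        if ch == "-" or ch.isdigit():
            continue
        name = unicodedata.name(ch, "UNKNOWN")
        scripts.add(name.split(" ")[0])
    return scripts


def skeleton(host: str) -> str:
    """Collapse look-alike characters so visually similar names compare equal."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in host.lower())


def analyse(host: str, trusted=("paypal.com",)) -> dict:
    """Relate a displayed hostname to a tuple of trusted names.

    Returns the wire form of the name, whether any label mixes scripts
    (the IDN homograph signature), and which trusted name, if any, the
    displayed string looks like without actually being that name.
    """
    host = host.lower()
    mixed = any(len(scripts_in_label(label)) > 1 for label in host.split("."))
    lookalike = None
    if host not in trusted:
        lookalike = next((t for t in trusted if skeleton(host) == skeleton(t)), None)
    return {"wire": wire_form(host), "mixed_script": mixed, "lookalike_of": lookalike}


if __name__ == "__main__":
    # Constructed inputs: the genuine name, the digit look-alike named in the
    # thread, and a Cyrillic-a homograph of the IDN kind the thread refers to.
    for h in ("paypal.com", "paypa1.com", "p\u0430ypal.com"):
        print(f"{h!r:22} -> {analyse(h)}")
```

Note what the output shows: the homograph's wire form is a perfectly ordinary ASCII name, so a certificate issued for it is valid for that name and the PKI has not been "attacked"; the deception happens entirely in what the browser displays. The mixed-script test catches only labels that combine scripts; a name written wholly in one non-Latin script would pass it and has to be caught by the confusable-skeleton comparison, which is only as complete as its table.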