[cap-talk] A petname toolbar for Firefox
Ian G
iang at systemics.com
Fri Feb 18 22:36:41 EST 2005
Tyler Close wrote:
>> There's one thing i
>>don't understand, though. Why do you store the petname keyed by
>>the root CA's fingerprint instead of the site's fingerprint?
>>(I see that you still use the domain name so that different
>>domains signed by the same CA are distinct, but i don't see why
>>the CA's certificate needs to be involved at all.)
>>
>>
>
>Under HTTPS, the end entity certificate typically has a lifetime of only
>1 year. The only persistent identifier for the site is the ( domain
>name, CA public key ) pair.
>
Isn't the same key used on renewal? And only
the cert changes?
>Binding the petname to a non-persistent site identifier would suck, as
>the binding would regularly become invalid, producing a situation much
>like a spoofing attack. This interaction model would desensitize the
>user to broken petnames, undermining the protection model.
>
>
This would indeed be a problem of quite
serious proportions. OTOH, by binding
the domain+CA, it is now open to a CA
substitution attack. I suppose that's just
a nicety that we didn't get rather than
something that was lost, though.
Good work. (I can't see it as I also have a
Firefox sans plugins.)
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
More information about the cap-talk
mailing list