From: Chad Perrin
To: freebsd-security@freebsd.org
Date: Fri, 1 Apr 2011 13:09:42 -0600
Message-ID: <20110401190942.GA86039@guilt.hydra>
References: <4D95ECAA.20406@obluda.cz>
Subject: Re: SSL is broken on FreeBSD
On Fri, Apr 01, 2011 at 07:45:11PM +0100, István wrote:
>
> cool, I decided I need everything that I have on Windows or on J random
> operating system with Firefox. I install the corresponding package,
> which is broken, and therefore I can't verify if somebody is doing a
> MITM while I am shopping on Amazon. Massive win!

You do not seem entirely clear on how the TLS/SSL trust model actually
works. Having a list of trusted CAs does not guarantee that nobody is
executing a man in the middle attack. All it does is let the CA tell you
whether or not it wants you to believe there is a man in the middle attack
going on. The accuracy of such a belief depends entirely on the motives of
the CA in question.

In point of fact, the SSL/TLS PKI (the infrastructure for out-of-band
authentication of certificates via CAs) is basically just a vacant lot
scam, where someone assumes the color of authority by simple act of
declaration in order to charge people for something it is not actually in
the scammer's power to provide or deny -- in this case, verifiable proof
of authenticity. A discussion of the problem in broad terms is here:

    The TLS/SSL Certifying Authority system is a scam
    http://blogs.techrepublic.com.com/security/?p=2550

A much more verifiable system would be something based on distributed
agreement, such as the Monkeysphere or Perspectives projects provide for
certificate verification. A simplified discussion of the comparative
characteristics of Perspectives and the CA-based PKI is here:

    Perspectives: better than CAs?
    http://blogs.techrepublic.com.com/security/?p=571

>
> I understand you do not care about usability. It is a viable attitude in
> many open source communities, including FreeBSD.

Part of usability is ensuring that what you think you are accomplishing
actually bears some resemblance to what you are accomplishing. If you
think that just trusting whoever some compiled list of CAs tells you to
trust to have your best interests at heart is accomplishing something
approaching a guarantee of security, the *actual* usability of the system
is near nil -- though the *apparent* usability of it might be very high in
the estimation of those who have not taken the time to consider the
implications of taking such an approach to cryptographic trust.

>
> Thank you anyway. I am going to copy that file from Linux ;)

That may give you a heightened *feeling* of security, but is not likely to
greatly increase your *actual* security. In fact, it may reduce it,
depending on the types of sites you visit and what data you send to them.
By default, software like Firefox will at least warn you when you are
connecting to a site using an encryption certificate you have not already
told it to trust one way or another. If you just uncritically add all the
CAs in the world to a trusted list, all you are doing is turning off those
warnings.

--
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]