Arshad Noor wrote, On 2008-02-06 06:38: > The issue isn't with certificates; it is with private keys.
Arshad, I think e.kabarie is concerned with attacks that would inject bogus CA certs into the client's cert DB and mark them as trusted.

E.Kabarie: The difficulty with your problem statement is that it lacks a threat model. You seem to suggest that an attacker would have unlimited access to and control over the system under attack. If we are to suppose that the persons who will be relying on this machine have NO control over it, and no ability to stop third parties from making any changes they wish to the system, then of course there is no sense in which anything we can do can provide those users with security. If the attacker can replace or modify any of the DB files upon which FireFox relies, then the attacker can also replace the FireFox executables themselves. Any countermeasures we might put into FireFox could be undone by the attacker simply by replacing the "normal" FireFox with one that the attacker has modified and built himself.

All the crypto-based security solutions such as SSL and S/MIME exist to provide security over insecure channels between two users' systems at two endpoints. The assumption is that each user controls his own system. SSL and S/MIME are not trying to solve problems where the user's own system is insecure, but rather are trying to establish secure communications between two secured systems over an intervening network that is insecure and may be hostile. At each end of the communications channel, there must exist a boundary point (or line), formally known as a security perimeter, such that everything between that point and the user is known to be controlled by and trustable by the user. The boundary line separates that which the user can trust from that which is hostile. When a user's local computer system is not under his control, and may be compromised, the user must regard that system as being outside of his security perimeter, part of the insecure and hostile channel through which his communications may travel.
Tamper-proof crypto hardware, such as the devices that Arshad suggested, recognizes that the security perimeter may be between the user and his local system. Those security devices logically exist within the user's perimeter, being something that the user can control and trust, even when he cannot control and trust his computer system.

I think you're trying to devise a means by which the user can trust his system software and files on a potentially compromised system. That's simply infeasible on common personal computers today.

/Nelson

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto