Re: Debian Weak Key Problem

Mon, 09 Jun 2008 17:50:59 -0700 

Nelson B Bolyard:


In this case, the guy held up a bag of ~96 thousand private keys and said
"See, here are 96 thousand private keys that I possess.  Anyone can have a
copy of them."  I can't imagine better proof of key compromise than that.

   



Oh well, I could add another few thousands to those if you want, it 
itself isn't really useful, isn't  it? You still have to find the right 
one, in case of banking web site still very attractive. But merely 
waiving this bag of ~96 thousand private keys and actually potentially 
some more, doesn't go far enough to call it literally a key compromise.



I could produce millions of keys in my free time and post them to some 
web site...I could tell you now that those are all compromised keys and 
all CAs should now scan their subscribers keys against the ones I 
posted. Should it find one, it should revoke it, right?


It doesn't require the customer.  If I walk into the bank and say "See
here in my hand, a copy of the key for Eddy's deposit box, exactly like
the copies that I just gave to all those people in the bank lobby", the
bank shouldn't need any more evidence or customer approval before acting.

   



Yes, if there is knowledge that you got my key then there is no doubt 
about that, however right now you are demanding that CAs scan all their 
subscribers keys against those 100,000 and potentially more keys....it's 
like you coming up to the bank and saying, "Look, I've got here 100,000 
keys, one of which *might* match that of Eddy's....".



It's an unlucky situation for certain and those using Debian should 
perhaps know about the problem. But I'm not sure if all CAs can afford 
to scan all subscriber keys. Oh, and there are many other pressing 
problems which Mozilla ignores outright, for which you don't even need a 
private key in order to spoof a site and pretend to be someone 
else...MITM in plain text is still very affordable just in case somebody 
forgot.



Regards
Signer:         Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber:         [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog:   Join the Revolution! <http://blog.startcom.org>
Phone:  +1.213.341.0390



_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto























					Reply via email to