Eddy Nigg wrote, On 2009-01-03 11:01:
> On 01/03/2009 06:16 PM, Ben Bucksch:
>> Yes, that would have been incredibly stupid,
>> but given what we learned recently about some other CAs... This bug is
>> not too far from that, but at least not that obviously stupid, it can
>> really have been just an oversight of the developer in question, and his
>> reviewer.
>
> Nono...it's very far from that, Ben. With certstar there were no
> validations at all. It didn't exist. That's a far cry from a bug in the
> post response verification.

As I understand it, Eddy, the situation with CertStar was a bug which caused the code to simply fail to invoke the facilities that do the DV validation (or verification, or whatever the right term is for that). The input, which was the DNS name that should have been validated, wasn't checked. As I understand it based on messages I have read, the facilities existed to do the check, but a small bug kept them from being invoked, a small bug that was (reportedly) easily and quickly fixed.

In StartCom's case, likewise, an important input was not checked. It was the email address to be used, rather than the DNS name, that wasn't checked. But either way, the result was that a check was not performed, and consequently, a cert was issued for a domain name that was not properly under the control of the party to whom it was issued.

Thus, these two events appear to me to be failings of a comparable magnitude. It's true that exploiting one of these required a little more work on the part of the "attacker" than the other. One required nothing more than that the attacker type in the DNS name he did not control, while the other required that the attacker alter the form to make it include an email address that had not been present as received from the CA/RA, but both are well within the scope of things that most serious attackers can readily do, as recent events have shown. Both of these "bugs" might have been, but were not, detected until a researcher/attacker found them and reported them.

I have no evidence that either failing was intentional. They were just bugs. One was perhaps less obvious than the other, but both had consequences that were potentially of similar magnitude, IMO.

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
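The form-tampering failure the message describes, as an added example written for this page (not code from the thread or from any CA it names): the CA's form reply carries the address that domain-control validation mail will go to, and the fix is to recompute the authorized set server-side rather than trust the posted value. The fixed list of mailbox names used as the authorized set is an assumption for illustration, not any CA's actual policy.

```python
# Added example; models the bug discussed above, not any CA's real code.
# Assumption for illustration: the server authorizes a fixed set of mailbox
# names at the domain being validated. The client never supplies this set.
AUTHORIZED_LOCAL_PARTS = ("admin", "administrator", "hostmaster", "postmaster", "webmaster")


def authorized_addresses(domain: str) -> set:
    """Addresses the server itself derives for DOMAIN (server-authoritative)."""
    return {f"{local}@{domain.strip().lower()}" for local in AUTHORIZED_LOCAL_PARTS}


def select_validation_email_vulnerable(domain: str, form: dict) -> str:
    """'Before' behaviour: the address that came back in the form is used as-is.

    Nothing here re-checks the posted value against what the server originally
    offered, so an altered form drives where the validation mail goes.
    """
    return form["validation_email"]


def select_validation_email_hardened(domain: str, form: dict) -> str:
    """Recomputes the authorized set on the server and rejects anything else."""
    chosen = form.get("validation_email", "").strip().lower()
    if chosen not in authorized_addresses(domain):
        # Log-worthy event: the submitted address was never offered by the server.
        raise ValueError(f"{chosen!r} is not an authorized validation address for {domain}")
    return chosen


# Constructed sample input: one form reply altered before being posted back,
# and one unmodified reply selecting an address the server had offered.
TAMPERED_FORM = {"domain": "example.com", "validation_email": "mallory@attacker.example"}
HONEST_FORM = {"domain": "example.com", "validation_email": "hostmaster@example.com"}


def demo() -> dict:
    """Runs both handlers over the sample forms and reports what each accepts."""
    results = {"vulnerable_accepts_tampered": select_validation_email_vulnerable("example.com", TAMPERED_FORM)}
    try:
        select_validation_email_hardened("example.com", TAMPERED_FORM)
        results["hardened_accepts_tampered"] = True
    except ValueError:
        results["hardened_accepts_tampered"] = False
    results["hardened_accepts_honest"] = select_validation_email_hardened("example.com", HONEST_FORM)
    return results


if __name__ == "__main__":
    print(demo())
```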