Eddy Nigg wrote:
> On 02/19/2009 03:30 PM, Jean-Marc Desperrier:
>> Moxie Marlinspike in Black Hat has just demonstrated a very serious i18n
>> attack using a *.ijjk.cn certificate.
>> http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
>> .cn is authorized for i18n, and the * will match anything, allowing all
>> the classic i18n based attacks.
>
> This was striking:
> Get a domain-validated SSL wildcard cert for *.ijjk.cn

Yes, it's surprising how some such attacks seem obvious *after* they
have been done, but it takes so long to realize it can be done.

The md5 collision between a normal and a *CA* certificate was similar
for me, "how the fuck did we not think earlier, when it was already
obvious someone would soon create a collision between two real md5
certs, that they just had to do that to make the attack really effective".

This being said: Is there already a bug open for this? The only thing
that stops me opening it myself is that it might already exist but be
security restricted.

PS: I think this discussion should be on mozilla.dev.security since
it's about a security vulnerability, not crypto and not security.policy.
Does everyone share my opinion? (I'm setting the follow-up there)
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto