On Sat, 2010-04-03 at 23:34 -0700, Nelson B Bolyard wrote: > Let me tell you about one very simple attack. (I think this is old enough > now that the details are no longer big news in the hacking community.) The > MITM has an account on an SMTP server on the same host as an https server. > The SMTP server and the https server on that host use the same server > certificate. The attacker arranges to intercept the victim client's https > requests and connect them to the email server (!).
The real problem there is that TLS uses DNS names and thus does not distinguish different services on the same server. Using RFC 4985 SRVNames such as _SMTP.example.com in certificates would solve that. Two issues: - Astonishingly, a service name for HTTP has not yet been registered with IANA ( http://www.iana.org/assignments/service-names ). Somebody should do that! - RFC 4985 section 4 should be clearer that dNSName constraints as such apply to SRVNames and the SRVName type is only used for constraints that contain a service name. I may raise that on the pkix list. -- Matt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
