Something was bothering me about this document... On 4/30/2010 1:11 PM, Marsh Ray wrote: > > http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvider.html#Step61 > : >> You will receive an email message containing two plain-text file >> attachments: one file containing this code-signing certificate and >> another file containing its own CA certificate, which authenticates its >> public key. Please also allow five business days from receipt of your >> request for processing. >> ... >> First import the CA's certificate as a "trusted certificate":
So, it turns out that the entire Java crypto infrastructure is built atop plain old unauthenticated RFC-822 email after all. Could any attackers could be so organized as to intercept port 25 email and quietly substitute their own root CA certificate, thereby gaining trusted code execution access to the systems which will later be used to build officially-signed crypto provider packages? http://en.wikipedia.org/wiki/Operation_Aurora - Marsh -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
