[JDEV] MSNP8 Security Enhancement

Justin Karneges justin-jdev at affinix.com
Fri Sep 12 02:31:47 CDT 2003


On Thursday 11 September 2003 11:03 pm, harmeet_im at kodemuse.com wrote:
> ----- Original Message -----
> From: Tijl Houtbeckers <thoutbeckers at splendo.com>
> Sent: Sep 12, 3:28 AM
> > Er.. this is new to me?! Aren't SSL certificates meant to prevent
> > exactly what you are describing here?
>
> Certificates are only used to identify. Server side may not even ask
> for it (as with MSNP8 and most HTTPS Servers) or the client may decide
> to either trust a configurable set or ignore the server certificates.

Proper clients will check against a trusted set of root certificates.  Whether 
or not the MSN client does this is another story, but I'd bet it does.

> The main trick for SSL man in the middle attack is to make client
> think you are a valid server, and server think you are a valid
> client. MSN P8 currently does not do mutual authentication, so for it
> any SSL client is valid and the client trusts (a) a large set of
> identities and (b) a truststore on client machine that can be altered.

Tricking the client into thinking you are a valid server is realistically 
impossible, as long as the client knows who it is supposed to be talking to.  
DNS trickery only works against Web browsers because of all that redirection 
hoopla.  Assuming you have a known server and the client sticks to its guns 
about only talking to that specific server, then there should be no problem 
(Jabber has no problem here, for instance).

As for the client proving to the server that it is a valid client, of course 
it can use a certificate, but it does not need to.  A password is good 
enough.  This is how nearly all secure web applications work.  The server 
proves itself to the client via a trusted certificate, then the client proves 
itself to the server via some username/password that the user enters.

Of course the truststore can be modified on a client machine.  However, if a 
hacker is able to break in and change your local files, then you have a 
greater problem.  This is not a weakness in TLS.

On a related topic, I'd like to note that SASL supports Mutual Authentication 
in the DIGEST-MD5 mechanism, and in combination with its security layer can 
give Jabber clients a secure connection to the server without the need for 
TLS certificates.  This could save admins a lot of money, and is probably one 
of the best features of the new XMPP protocol.

-Justin
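
The DIGEST-MD5 mutual authentication mentioned in the last paragraph, as an added example that is not part of the original message: the client's `response` and the server's `rspauth` are computed per RFC 2831 for qop=auth with no authzid, using the RFC's own IMAP example values. Function and variable names are hypothetical, and UTF-8 encoding of the credentials is an assumption.

```python
import hashlib
import hmac

# Values from the IMAP example in RFC 2831, section 4.
RFC_EXAMPLE = dict(
    user="chris", realm="elwood.innosoft.com", password="secret",
    nonce="OA6MG9tEQGm2hh", cnonce="OA6MHXh6VqTrRk",
    nc="00000001", digest_uri="imap/elwood.innosoft.com",
)

def digest_value(user, realm, password, nonce, cnonce, nc, digest_uri,
                 *, server_side=False):
    """Return the client's response, or the server's rspauth if server_side.

    Covers qop=auth without authzid. Both values depend on the password,
    so each side proves knowledge of it without sending it.
    """
    enc = lambda s: s.encode("utf-8")  # assumption: UTF-8 credentials
    # A1 = MD5(user:realm:password) as 16 raw bytes, then ":nonce:cnonce"
    a1 = hashlib.md5(enc(f"{user}:{realm}:{password}")).digest()
    a1 += enc(f":{nonce}:{cnonce}")
    # A2 differs by direction: the server's proof omits "AUTHENTICATE",
    # so a captured client response cannot be replayed as rspauth.
    a2 = enc(("" if server_side else "AUTHENTICATE") + ":" + digest_uri)
    ha1 = hashlib.md5(a1).hexdigest()
    ha2 = hashlib.md5(a2).hexdigest()
    kd = f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}"
    return hashlib.md5(enc(kd)).hexdigest()

def client_accepts_server(rspauth_from_server, **params):
    """Client-side check that the server also knows the shared password."""
    expected = digest_value(**params, server_side=True)
    return hmac.compare_digest(expected, rspauth_from_server)

if __name__ == "__main__":
    response = digest_value(**RFC_EXAMPLE)
    rspauth = digest_value(**RFC_EXAMPLE, server_side=True)
    print("client response:", response)
    print("server rspauth: ", rspauth)
    print("genuine server accepted:",
          client_accepts_server(rspauth, **RFC_EXAMPLE))
    # Constructed case: an endpoint that does not know the password.
    forged = digest_value(**{**RFC_EXAMPLE, "password": "guess"},
                          server_side=True)
    print("impostor accepted:",
          client_accepts_server(forged, **RFC_EXAMPLE))
```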


