[jdev] Re: TLS and self-signed certs
Neil Stevens
neil at hakubi.us
Thu Nov 11 21:54:49 CST 2004
On Thursday 11 November 2004 05:06 pm, Justin Karneges wrote:
> While JD's comments sum this up nicely, I just want to reiterate loudly
> that self-signed certificates alone truly are worthless. I'm not even
> talking about man in the middle attacks either. As a form of identity,
> a self-signed cert is as effective as the "From:" header in good old
> SMTP, and this would allow spammers to get right in and start faking
> domains.
Wrong. If a certificate remains unchanged, then you know that as long as
it is unchanged, you're continuing to connect to the server you connected
to in the past.
You can't know if there's a man-in-the-middle in progress when you first
connect, but if you're remembering the certificate and someone tries one after
a while, you will be able to detect that.
ssh does this, for example.
Also, remember that different people have different threat models to
address. Someone in the old hypothetical revolutionary conspiracy can't
afford to depend on large institutional corporations to sign their
certificates, but still might want to protect their communications from
eavesdropping.
--
Neil Stevens - neil at hakubi.us
"The world is a dangerous place to live; not because of the people who
are evil, but because of the people who don't do anything about it."
-- Albert Einstein(?)
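
The remember-and-compare check described in the message above (the model ssh uses for host keys), as an added example that is not part of the original post: it pins the SHA-256 fingerprint of a server certificate on first contact and reports any later change. The `PinStore` class, its JSON file layout and the returned status strings are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os
import socket
import ssl

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the DER encoding of the whole certificate."""
    return hashlib.sha256(cert_der).hexdigest()

def fetch_cert_der(host: str, port: int, timeout: float = 5.0) -> bytes:
    # CA validation is deliberately off: trust comes from the pin comparison.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

class PinStore:
    """Hypothetical known_hosts-style store: {"host:port": sha256-hex}."""
    def __init__(self, path: str):
        self.path = path
        self.pins = {}
        if os.path.exists(path):
            with open(path) as f:
                self.pins = json.load(f)

    def check(self, host: str, port: int, cert_der: bytes) -> str:
        key = f"{host}:{port}"
        seen = fingerprint(cert_der)
        pinned = self.pins.get(key)
        if pinned is None:
            # First contact: a man-in-the-middle cannot be ruled out; remember it.
            self.pins[key] = seen
            self._save()
            return "first-use"
        if hmac.compare_digest(pinned, seen):
            return "match"
        # Certificate changed: keep the old pin so the caller can refuse or ask.
        return "mismatch"

    def _save(self):
        tmp = self.path + ".tmp"
        with open(tmp, "w") as f:
            json.dump(self.pins, f, indent=2)
        os.replace(tmp, self.path)  # atomic swap so a crash cannot truncate pins
```

`check()` works on DER bytes however they were obtained, so a client that negotiates TLS inside another protocol can pass in the peer certificate it already holds instead of calling `fetch_cert_der()`.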