[Ach] Publish own CA certificate. Loss of security?

Joe St Sauver joe at oregon.uoregon.edu
Sun Jan 19 19:47:53 CET 2014


Hi,

Torge commented:

#As I understood no one else can use my CA certificate to sign own certificates
#without knowing the key. Is this right? 

Correct, but that's not the risk.

The real risk, however, is that once I accept your "root" cert, not only can 
you create "trusted" certs for your *own* site, which is fine, you can also 
create "trusted" certs for any/all other sites, including potentially banks 
and other financial sites (such as stock brokerages), medical sites, shopping 
sites, major free web email and search engines, etc.

If you were malicious, you could then arrange to MITM my traffic to all those
sites, routing my sensitive traffic to your "secure" server with your bogus 
cert. At that point, unless I'm running a browser that has been enhanced to 
notice and flag that change in certificate vs. what I've seen previously, 
it's game over.

Regards,

Joe



More information about the Ach mailing list