IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: x509



On Thu, 2002-01-31 at 23:01, Niels Möller wrote:

> But on second thought, this beautiful separation of SSH things from
> x.509 things doesn't quite work. Somebody *has* to check that the e
> and n above equals the key that is somewhere inside the ASN.1
> certificate chain, otherwise, the certificate checking has a hole you
> can drive a 20 ton truck right through.
> 
> So now I think it's best to *not* duplicate crucial security
> information like this. If we do, I'm sure some implementation will
> forget to check that the information is consistent.

I think that is putting it a little strong - you still have to present a
valid signature. You run into problems if the remote end grants
additionak trust (e.g. automatically accepting a host key) based on
information in the certificate.

It seems unlikely that implementors would go to all the trouble of
implementing certificate chain checking, etc only to miss something so
basic.

-d


-- 
| By convention there is color,       \\ Damien Miller <djm%mindrot.org@localhost>
| By convention sweetness, By convention bitterness, \\ www.mindrot.org
| But in reality there are atoms and space - Democritus (c. 400 BCE)




Home | Main Index | Thread Index | Old Index