Perfect MITM attack with valid SSL Certs

John Brooks special at dereferenced.net
Tue Dec 23 16:56:59 UTC 2008


I'm not certain which way you meant this, but just in the interest of
clarification:

This sort of attack, or any PKI attacks, *do not* affect the way that Tor
nodes authenticate or communicate with each other - that is all based on the
directories, signatures, and certificate fingerprints. Those can't be faked
without breaking the math involved.

Where this does come into play, however, is communicating with external
services - smart use of this attack could allow an exit node to snoop on or
modify your SSL-encrypted communications. Tor is more susceptible to that
than most because anybody can be your exit node. In this instance, the exit
node would have to be prepared with certificates for various sites - it
couldn't pick any site at random and instantly impersonate that.

I think that may have been what you were saying, but I just wanted to state
it clearly to avoid misinterpretation.

 - John Brooks

On Tue, Dec 23, 2008 at 9:47 AM, Roc Admin <onionroutor at gmail.com> wrote:

> http://blog.startcom.org/?p=145
>
> Slashdot and others are reporting on this story about how it was possible
> for a person to receive a completely valid certificate for a random domain
> of his choosing without any questions or verification.  In this case he
> generated a certificate for mozilla.com from a reseller of the Comodo
> certificate authority.  I'm hoping this is just a single instance but it
> makes you remember that the browser pre-trusted certificate authorities
> really need to be cleaned up.
>
> If it's not obvious enough, this is not good for Tor users due to the fact
> that we try to rely on SSL certificates to make sure that traffic isn't
> sniffed while using Tor.
>
> -Roc Tor Admin
>