[tor-talk] How evil is TLS cert collection?
Mike Perry
mikeperry at fscked.org
Sat Jun 4 19:56:15 UTC 2011
Thus spake Robert Ransom (rransom.8774 at gmail.com):
> On Sat, 4 Jun 2011 12:09:52 -0700
> Mike Perry <mikeperry at fscked.org> wrote:
>
> > Thus spake Robert Ransom (rransom.8774 at gmail.com):
>
> > > My understanding was that EFF would query DNS for a hostname, and if
> > > the hostname does not exist, assume that it's private. (This should
> > > scare you even more.)
> >
> > EFF only needs to do this query if the browser could not (because it
> > was using an HTTP proxy without a SOCKS proxy). Does this scare you
> > less or more? I'm getting confused by the reactions in this thread.
>
> If EFF needs to perform a DNS query on each hostname it receives a
> certificate for, EFF will leak information to an attacker watching its
> servers. If EFF tries to not log hostnames which do not exist, EFF
> will leak a user's request time *every time* that it receives a
> certificate associated with a non-existent hostname.
I think you missed the first half of my email where I explicitly said
EFF shouldn't need to do this under normal circumstances. It only
needs to do this when the browser fails to do so itself. Do you expect
this to be common?
The observatory itself could also be running a tor client for these
resolutions, just in case they do end up being common.
P.S. When the browser does attempt to do these resolutions, should
they be done via Tor or via whatever local resolver/proxy was used to
access the domain? Doing it via Tor exposes potentially private names
to exits, but doing it locally will fail to detect attacks where the
MITM is able to operate on the user's own infrastructure (because they
can just make sure that the domains they MITM resolve to RFC1918).
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20110604/c96946d4/attachment.pgp>
More information about the tor-talk
mailing list