[tor-talk] How evil is TLS cert collection?

tagnaq tagnaq at gmail.com
Sat Jun 4 20:19:09 UTC 2011


On 06/04/2011 09:56 PM, Mike Perry wrote:
> Thus spake Robert Ransom (rransom.8774 at gmail.com):
> 
>> On Sat, 4 Jun 2011 12:09:52 -0700
>> Mike Perry <mikeperry at fscked.org> wrote:
>>
>>> Thus spake Robert Ransom (rransom.8774 at gmail.com):
>>
>>>> My understanding was that EFF would query DNS for a hostname, and if
>>>> the hostname does not exist, assume that it's private.  (This should
>>>> scare you even more.)
>>>
>>> EFF only needs to do this query if the browser could not (because it
>>> was using an HTTP proxy without a SOCKS proxy). Does this scare you
>>> less or more? I'm getting confused by the reactions in this thread.
>>
>> If EFF needs to perform a DNS query on each hostname it receives a
>> certificate for, EFF will leak information to an attacker watching its
>> servers.  If EFF tries to not log hostnames which do not exist, EFF
>> will leak a user's request time *every time* that it receives a
>> certificate associated with a non-existent hostname.
> 
> I think you missed the first half of my email where I explicitly said
> EFF shouldn't need to do this under normal circumstances. It only
> needs to do this when the browser fails to do so itself. Do you expect
> this to be common?
> 
> The observatory itself could also be running a tor client for these
> resolutions, just in case they do end up being common.
> 
> 
> P.S. When the browser does attempt to do these resolutions, should
> they be done via Tor or via whatever local resolver/proxy was used to
> access the domain? Doing it via Tor exposes potentially private names
> to exits

Yes, instead of asking the EFF to resolve a hostname, an internal client
could just use Tor to get an "outside view" regarding a hostname.
This way hostnames don't have to go through a central point (EFF) for
the 'is this hostname private?' check.