[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Man-in-the-middle attacks (was: OCSP response pre-production)

To: ietf-pkix@xxxxxxx
Subject: Man-in-the-middle attacks (was: OCSP response pre-production)
From: Paul Hoffman / IMC <phoffman@xxxxxxx>
Date: Mon, 29 Sep 2003 17:21:48 -0700
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

The problem I am seeing with the proposals that it is OK for the responder to send nonce-less responses to queries with nonces is that it allows a man-in-the-middle to perform a fairly trivial replay attack. A sophisticated man-in-the-middle might capture every request, strip out the nonce (and signature, if any), pass it on to the server, and then send back all the responses with no nonces, so that the client expects no nonces from the server and won't be at all suspicious when snookered with a replay attack.

If we go for the minority proposal of allowing responders to ignore nonces in the queries, we will certainly need to beef up the Security Considerations section, and probably section 4.4.1 as well.

--Paul Hoffman, Director
--Internet Mail Consortium

References:
- RE: OCSP response pre-production
  - From: Florian Oelmaier

Prev by Date: RE: OCSP response pre-production
Next by Date: RE: OCSP response pre-production
Previous by thread: RE: OCSP response pre-production
Next by thread: RE: OCSP response pre-production
Index(es):
- Date
- Thread