Cache poisoning vulnerability found in BIND
Posted Jul 26, 2007 13:15 UTC (Thu) by tialaramex
In reply to: Cache poisoning vulnerability found in BIND
Parent article: Cache poisoning vulnerability found in BIND
Ah, you're not thinking like a security professional.
Suppose we make it so that _invalid_ certificates just don't work
Attackers may be able to obtain an _expired_ certificate, but that's OK we'll make sure those don't work either.
Or they can create a _self-signed_ certificate just as easily. Maybe we should make those not work?
At this point users will refuse to use your browser, because lots of sites that are concerned about snooping, but not about impersonation, use SSL with certificates that are self-signed (or signed by an unknown CA) to avoid the high cost of a "real" SSL certificate. Users will go to great lengths to bypass security that they regard as excessive or unwieldy.
Since, to an attacker, invalid and self-signed certificates are just as easy to make / obtain, there is no point to what IE did here AFAICT.
to post comments)