[security] [OpenID] Trust + Security @ OpenID
Johnathan Nightingale
johnath at mozilla.com
Fri Jul 20 13:30:39 UTC 2007
On 20-Jul-07, at 7:54 AM, Dmitry Shechtman wrote:
> The attack vector: I poison your local DNS resolver, or proxy all
> traffic, so that http://foo.blogspot.com actually resolves to
> http://evil.org's IP. If you follow the 302 redirect, you could be
> allowing evil.org to tell you what the "canonical" URL is. For
> example it could do a 302 redirect over to https://evil.org which
> presents a valid certificate and which can masquerade as the user's
> OP, capturing their password. (For users who check URLs, it could
> be https://my.open1d.org instead of https://evil.org.)
>
> Pardon my ignorance regarding TLS, but I don’t see what protection
> it would provide against such an attack. Is TLS similar to SSL with
> the exception of http prefix usage?
>
In most discussions (i.e. ones that don't concern themselves with
which version of SSL you're using) TLS and SSL are used as synonyms.
TLS (Transport Layer Security) is the name of an IETF standard based
on SSL v3.
As Dmitry observes, the protection it offers is useless if there are
http (i.e. non-SSL/TLS) links in the chain. In an environment where
the entire exchange happens over SSL/TLS though, the argument is that
DNS spoofing/redirect attacks won't work, because an attacker cannot
obtain a CA-signed certificate for a domain they don't own. Thus,
even when the spoofed DNS has redirected trusted-id.com to
evil-evil-hooray.com, attempts to verify the certificate of this false
"trusted-id.com" will fail, and presumably the connection will be killed.
Cheers,
Johnathan
---
Johnathan Nightingale
Human Shield
johnath at mozilla.com
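
The two points in the message above (an http link anywhere in the chain removes the protection, and a spoofed host fails certificate verification), as an added example that is not part of the original message or of any OpenID library. The names resolve_identifier, fake_fetch, RESPONSES and CERT_NAMES are hypothetical, and the responses and certificate names are constructed sample data standing in for a real HTTP client that verifies certificates.

```python
from urllib.parse import urljoin, urlsplit


class DiscoveryError(Exception):
    """Raised when a discovery chain cannot be trusted."""


# Constructed sample data: (status, Location header) for each URL.
RESPONSES = {
    "http://foo.blogspot.com/": (302, "https://my.open1d.org/"),
    "https://my.open1d.org/": (200, None),
    "https://trusted-id.com/": (302, "https://trusted-id.com/user"),
    "https://trusted-id.com/user": (200, None),
}
# Constructed sample data: name on the certificate each host presents.
CERT_NAMES = {"my.open1d.org": "my.open1d.org",
              "trusted-id.com": "trusted-id.com"}


def fake_fetch(url, cert_names=CERT_NAMES):
    """Hypothetical stand-in for a client that verifies certificates."""
    parts = urlsplit(url)
    if parts.scheme == "https" and cert_names.get(parts.hostname) != parts.hostname:
        raise DiscoveryError(f"certificate does not match {parts.hostname}")
    return RESPONSES[url]


def resolve_identifier(url, fetch=fake_fetch, max_hops=5):
    """Follow redirects; accept the result only if every hop used https."""
    for _ in range(max_hops):
        # A plain-http hop is unauthenticated: whoever answers it chooses
        # the "canonical" URL, so the chain is rejected before any fetch.
        if urlsplit(url).scheme != "https":
            raise DiscoveryError(f"unauthenticated hop in chain: {url}")
        status, location = fetch(url)
        if status not in (301, 302, 303, 307):
            return url
        if not location:
            raise DiscoveryError("redirect without Location header")
        url = urljoin(url, location)
    raise DiscoveryError("too many redirects")
```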