undefined | Better HN

0 pointsjdormit6y ago0 comments

...do you? Unless the attacker has access to the private key associated with the SSL certificate, they can't read any HTTPS traffic encrypted via that certificate - mitigating the ability of that bad actor to perform a MITM attack.

0 comments

zaarn6y ago

And even if they get a key, they will show up in the CT Logs eventually and the attack becomes public.

judge20206y ago

The effectiveness of CT logs isn't a thing unless the website uses CT monitoring or is a huge company. A [delegated or non-delegated] DNS takeover, or IP address release (eg. cloud providers re-assigning an IP to another customer) could allow you to generate a certificate for some-forgotten-subdomain.medium-sized.company.com using the ACME http challenge. Of course this is mitigated by properly managing your DNS, and CT monitoring is encouraged everywhere.

acdha6y ago

In other words, the effectiveness of the CT logs is a thing. There are multiple services which will do this for you for free (Cloudflare and Facebook at least make it trivial to get notifications for your domains) and it’s a level of visibility which almost nobody had just a few years ago.

zaarn6y ago

crt.sh offers a RSS Feed, I use that to track all certificates issued for my domain. Doesn't really need anything expensive or complicated.

CT Logs don't mitigate any of the attacks but they make them very very very visible if they happen. Especially if a CA goes rogue, this will be immediately visible and provable.

Bnshsysjab6y ago

Cert pinning mitigates this too right?

1 more reply

tinix6y ago

Only if there's an Expect-CT header, which is trivial to strip.

zaarn6y ago

Well, no, the CT Log will include any valid certificate presented so any widespread attack will have to outright block access to the CT Logs or you're gong to have a bad time.

Expect-CT only controls if the browser will warn the user if the cert is not in the logs, it does nothing about certs being entered into the CT Logs themselves.

tinix6y ago

Yeah, I think they do, actually.

Two things...

Proxies are a thing, and stripping the Expect-CT header is trivial.

Any CA can generate a valid SSL cert for any domain.

qvrjuec6y ago

The above poster is still technically correct though, getting the cert is just 1 more obstacle in the way of the attack, which isn't as much of an obstacle as one would think for some actors(see China).

profmonocle6y ago

Certificate transparency would make it blatantly obvious if Chinese CAs were issuing bogus certificates. (And if they issued certs without submitting them to CT logs they wouldn't be accepted by Chrome or Safari, so it wouldn't be very useful.)

Sure, they could do it, but it wouldn't be long until there were no Chinese CAs trusted by any browser.

judge20206y ago

An attack like this could still be done for CLI clients/library clients such as curl (ie. server-to-server connections), none of which I'm aware of incorporate CT log verification.

2 more replies

j / k navigate · click thread line to collapse

0 comments

zaarn6y ago

And even if they get a key, they will show up in the CT Logs eventually and the attack becomes public.

judge20206y ago

acdha6y ago

zaarn6y ago

crt.sh offers a RSS Feed, I use that to track all certificates issued for my domain. Doesn't really need anything expensive or complicated.

CT Logs don't mitigate any of the attacks but they make them very very very visible if they happen. Especially if a CA goes rogue, this will be immediately visible and provable.

Bnshsysjab6y ago

Cert pinning mitigates this too right?

1 more reply

tinix6y ago

Only if there's an Expect-CT header, which is trivial to strip.

zaarn6y ago

Well, no, the CT Log will include any valid certificate presented so any widespread attack will have to outright block access to the CT Logs or you're gong to have a bad time.

Expect-CT only controls if the browser will warn the user if the cert is not in the logs, it does nothing about certs being entered into the CT Logs themselves.

tinix6y ago

Yeah, I think they do, actually.

Two things...

Proxies are a thing, and stripping the Expect-CT header is trivial.

Any CA can generate a valid SSL cert for any domain.

qvrjuec6y ago

profmonocle6y ago

Sure, they could do it, but it wouldn't be long until there were no Chinese CAs trusted by any browser.

judge20206y ago

An attack like this could still be done for CLI clients/library clients such as curl (ie. server-to-server connections), none of which I'm aware of incorporate CT log verification.

2 more replies

j / k navigate · click thread line to collapse