- From: Gervase Markham <gerv@mozilla.org>
- Date: Mon, 21 Aug 2006 14:48:34 +0100
Sorry for the delay in getting back to this. The context is that I asked for the "secure" attribute in the StorageItem interface to be an integer rather than a boolean, to accommodate Extended Validation certs as an additional security level.

Ian Hickson wrote:

> Is it ever possible to get an "ordinary cert" which claims to identify
> some domain, but which was not purchased by the owners of that domain?

Possibly. Some CAs issue "domain validation" certificates, which just say "yes, you own this domain". They confirm domain ownership by email to the contact listed in the DNS. If you put in a malicious request, and can intercept that email (perhaps by DNS spoofing), and reply to it authorising certificate issuance, then you can get a cert for a domain which is not yours.

Perhaps this is not likely enough to worry about, and perhaps we can persuade even these "low-end" CAs to raise their game a little bit. And it will certainly not be possible to get an EV cert like this.

I'm in two minds about whether I think this is still a good idea. On the one hand, it's true that the cert system (even at its lowest) should not be leaky enough to leak certs to people who don't own domains - even if the domain owner remains anonymous. On the other hand, we can't foresee the future, and it might give EV cert site owners an additional reassurance that there's no way anyone can get at their stored data unless they've managed to break the EV (as opposed to the standard) process.

Gerv
Received on Monday, 21 August 2006 06:48:34 UTC
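As an added illustration of the integer-level proposal in the message above (example code, not the Web Storage API and not code from the thread): a hypothetical storage whose items carry an integer "secure" level, so data written by an EV-validated page is withheld from a page that is only validated by an ordinary certificate, contrasted with the boolean design. All names, levels and values are constructed for the example.

```javascript
// Hypothetical model of the integer "secure" attribute; names constructed.
// Boolean "secure" cannot tell an EV page from one using a (possibly
// leaked) domain-validated cert; an integer level can.
const LEVEL = Object.freeze({
  NONE: 0,      // plain http, no certificate
  STANDARD: 1,  // ordinary certificate (domain validation or better)
  EV: 2,        // Extended Validation certificate
});
class LevelledStorage {
  constructor() { this.items = new Map(); }
  // Tag the item with the level of the page that wrote it.
  setItem(key, value, secure) {
    if (!Object.values(LEVEL).includes(secure)) {
      throw new RangeError(`invalid secure level: ${secure}`);
    }
    this.items.set(key, { value, secure });
  }
  // Release the value only to a page whose own level is at least the
  // level the item was stored with; otherwise behave as if absent.
  getItem(key, pageLevel) {
    const item = this.items.get(key);
    if (item === undefined) return null;
    return pageLevel >= item.secure ? item.value : null;
  }
}
// Contrast with the boolean design: "secure" is just (level >= STANDARD),
// so any page served over TLS, whatever the cert's validation, qualifies.
function booleanModelCanRead(itemLevel, pageLevel) {
  const itemSecure = itemLevel >= LEVEL.STANDARD;
  const pageSecure = pageLevel >= LEVEL.STANDARD;
  return !itemSecure || pageSecure;
}
// Scenario from the thread: an EV site stores a session token; a page on
// the same host served with an ordinary cert tries to read it.
function scenario() {
  const storage = new LevelledStorage();
  storage.setItem("session", "constructed-token-value", LEVEL.EV);
  return {
    integerModelStandardPage: storage.getItem("session", LEVEL.STANDARD), // null
    integerModelEvPage: storage.getItem("session", LEVEL.EV),             // token
    booleanModelStandardPage: booleanModelCanRead(LEVEL.EV, LEVEL.STANDARD), // true
  };
}
```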