[tor-talk] CA cert MITM vulnerability in Tor? (Was: hidden service on same location as public service)
coderman
coderman at gmail.com
Mon Jul 16 04:16:29 UTC 2012
On Mon, Jul 9, 2012 at 1:07 PM, Juenca R <juenca at yahoo.com> wrote:
> ...
> well I think that vulnerability is about using forged CA certs, no need to break the encryption. there's also the null-byte trick in CA certificates that was discovered to forge CA certs to look legit.
the null byte implementation failure does not apply to Tor. the rogue
CA attack does not apply to Tor.
> if not accessing hidden service, traffic at the exit is still vulnerable...
correct; a rogue CA cert could be leveraged for a MitM attack at a
malicious exit. this is outside the Tor threat model.
More information about the tor-talk
mailing list