[exim-dev] [Bug 3021] New: patch: The essence of a MITM is n…

Author: Exim Bugzilla
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 3021] New: patch: The essence of a MITM is not that both I and the server still think I have an encrypted connection
https://bugs.exim.org/show_bug.cgi?id=3021

            Bug ID: 3021
           Summary: patch: The essence of a MITM is not that both I and
                    the server still think I have an encrypted connection
           Product: Exim
           Version: 4.96
          Hardware: All
                OS: All
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Documentation
          Assignee: unallocated@???
          Reporter: u34@???
                CC: exim-dev@???


There is an attempt in parentheses to briefly clarify what the problem with
a MITM is. I feel the clarification should use other words.

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index d0f310f57..d02e309c8 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
-30293,10 +30293,10 @@ Issues:
.cindex DANE
DNS-based Authentication of Named Entities, as applied to SMTP over TLS,
provides assurance to a client that
it is actually talking to the server it wants to rather than some attacker
operating a Man In The Middle (MITM)
-operation. The latter can terminate the TLS connection you make, and make
another one to the server (so both
-you and the server still think you have an encrypted connection) and, if one
of the "well known" set of
-Certificate Authorities has been suborned - something which *has* been seen
already (2014), a verifiable
-certificate (if you're using normal root CAs, eg. the Mozilla set, as your
trust anchors).
+operation. The latter can terminate the TLS connection you have with the
server, and make another one (so both
+you and the server wrongly feel the encryption protects against interception)
and, if one of the "well
+known" set of Certificate Authorities has been suborned - something which
*has* been seen already (2014), a
+verifiable certificate (if you're using normal root CAs, eg. the Mozilla set,
as your trust anchors).

What DANE does is replace the CAs with the DNS as the trust anchor. The
assurance is limited to a) the possibility
that the DNS has been suborned, b) mistakes made by the admins of the target
server. The attack surface presented
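
Review bot: In the first added line, "terminate the TLS connection you have with the server" describes a connection that does not exist in this scenario. The removed text had the attacker terminate "the TLS connection you make" and open "another one to the server", while the new "make another one" no longer says to whom. I would keep the original endpoints and change only the parenthesis, for example "(so both you and the server see an encrypted connection, although the attacker in the middle can read the traffic)". The proposed "wrongly feel the encryption protects against interception" is vaguer than that. Separately, the hunk header has lost its leading "@@" and the changed lines are wrapped by the mailer, so this will not apply as posted; attaching the patch to the bug would avoid that.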
