Date: Fri, 1 May 2015 19:15:22 +0000 From: mancha <mancha1@...o.com> To: oss-security@...ts.openwall.com Subject: On sanctioned MITMs In recent times, we've seen the growing popularity of CDNs such as Akamai Prolexic, CloudFlare, and Incapsula that, among other services, provide upstream DDoS mitigation to vulnerable servers. In the context of SSL/TLS, the interposition between client and server can take many forms. For example, CloudFlare offers products such as "Flexible SSL", "Full SSL", and "Full SSL (strict)" . In addition, they've recently rolled out a new product they call "Keyless SSL". Hushmail is a email provider that prominently advertises security and built-in encryption . In the past day or two, Hushmail webmail access began getting handled by CloudFlare  & . CloudFlare's server, in effect a sanctioned man-in-the-middle, serves its own X.509 certificate issued by "GlobalSign Organization Validation CA - G2" (attached). The certificate has a *.hushmail.com DNS name in its SAN extension so browsers with the GlobalSign certificate in their root store proceed without incident when connecting to https://www.hushmail.com. Though Hushmail email credentials, for example, can't be sniffed in the segment connecting the client to CloudFlare, they are available to CloudFlare's infrastucture. Moreoever, there is no way for the client to verify that the segment connecting CloudFlare to the destination server is similarly encrypted (i.e. it might be in the clear as would be the case when using CloudFlare's "Flexible SSL" product). Hushmail's CloudFlare usage serves as an example that brings me to my general point. How should the security community view this growing use of sanctioned MITM in light of the ever-increasing amount of sensitive content sent over SSL/TLS encrypted channels (e.g. email, electronic banking, medical records, etc.)? --mancha =====  https://www.cloudflare.com/images/ssl/ssl.png  https://www.hushmail.com  dig www.hushmail.com id 20483 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION www.hushmail.com. IN A ;ANSWER www.hushmail.com. 299 IN A 22.214.171.124 www.hushmail.com. 299 IN A 126.96.36.199 www.hushmail.com. 299 IN A 188.8.131.52 www.hushmail.com. 299 IN A 184.108.40.206 www.hushmail.com. 299 IN A 220.127.116.11 ;AUTHORITY ;ADDITIONAL  whois 18.104.22.168 NetRange: 22.214.171.124 - 126.96.36.199 CIDR: 188.8.131.52/12 NetName: CLOUDFLARENET NetHandle: NET-104-16-0-0-1 Parent: NET104 (NET-104-0-0-0-0) NetType: Direct Assignment OriginAS: AS13335 Organization: CloudFlare, Inc. (CLOUD14) RegDate: 2014-03-28 Updated: 2014-03-28 Comment: https://www.cloudflare.com Ref: http://whois.arin.net/rest/net/NET-104-16-0-0-1 ===== View attachment "hushmail-cloudflare.pem" of type "text/plain" (1888 bytes) Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.