Integrity protection of fetches

Matt McCutchen matt at mattmccutchen.net
Tue Aug 10 02:44:46 UTC 2010


On Mon, 2010-08-09 at 12:11 -0700, Adam Williamson wrote:
> On Sun, 2010-08-08 at 11:34 -0700, Matt McCutchen wrote:
> > On Fri, 2010-08-06 at 11:29 -0500, Steve Bonneville wrote:
> > > i.grok at comcast.net wrote:
> > > > Ideally (from this perspective), the host would validate the response itself.
> > > 
> > > Exactly, if sshd is sufficiently paranoid it should make a query with
> > > CD set in the request and do all the validation client-side.  If you let 
> > > your nameserver do the validation, I think it's still possible to MITM 
> > > this by messing with the communication between the stub resolver and the 
> > > name server, which isn't secured.
> > 
> > Not to mention that one has to trust one's own nameserver, which is a
> > bad idea when using a public wireless access point.  In order to achieve
> 
> I believe that can be simplified to 'using a public wireless access
> point is a bad idea' =)

No, it just means that everything is untrustworthy until proven
otherwise.  If you use SSL or equivalent, you're fine.

-- 
Matt
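
The CD-bit query and the stub-resolver trust problem discussed in the quoted thread, as an added example that is not part of the original message or of any project's code. The hostname, the trust_decision policy and its two boolean inputs are assumptions; the signature checking itself is outside this example and is represented by the locally_validated flag.

```python
import struct

# DNS header flag bits (RFC 1035, RFC 4035) and the EDNS0 DO flag (RFC 3225)
QR, RD, RA, AD, CD = 0x8000, 0x0100, 0x0080, 0x0020, 0x0010
DO = 0x8000
TYPE_SSHFP, TYPE_OPT, CLASS_IN = 44, 41, 1

def encode_name(name):
    """Encode a hostname as length-prefixed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype, txid, validate_locally=True):
    """Build a query; with validate_locally, set DO so the resolver returns
    RRSIGs and CD so it skips its own validation and leaves it to the client."""
    flags = RD | (CD if validate_locally else 0)
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 1)
    question = encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)
    # OPT pseudo-RR: root name, type 41, class = UDP size, TTL carries DO, no rdata
    ttl = DO if validate_locally else 0
    opt = b"\x00" + struct.pack("!HHIH", TYPE_OPT, 4096, ttl, 0)
    return header + question + opt

def header_flags(msg):
    """Extract the AD and CD bits and the RCODE from a DNS message header."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    flags = struct.unpack("!H", msg[2:4])[0]
    return {"ad": bool(flags & AD), "cd": bool(flags & CD), "rcode": flags & 0xF}

def sample_response(query):
    """Constructed sample: the query echoed back with QR, RA and AD set."""
    flags = struct.unpack("!H", query[2:4])[0] | QR | RA | AD
    return query[:2] + struct.pack("!H", flags) + query[4:]

def trust_decision(response, locally_validated, resolver_path_secured):
    """Hypothetical policy: the AD bit is unauthenticated header data, so it
    counts only when the path to a trusted resolver is itself secured."""
    if locally_validated:
        return "validated"
    if header_flags(response)["ad"] and resolver_path_secured:
        return "resolver-asserted"
    return "untrusted"
```
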


