Re: [TLS] [POSSIBLE SPAM] Re: Asking the browser for a different certificate

Marsh Ray <> Tue, 30 March 2010 14:51 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 90B2D3A6BD4 for <>; Tue, 30 Mar 2010 07:51:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.737
X-Spam-Status: No, score=0.737 tagged_above=-999 required=5 tests=[AWL=-0.394, BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MRmV8MzNQUXt for <>; Tue, 30 Mar 2010 07:51:37 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 1156D3A6BE5 for <>; Tue, 30 Mar 2010 07:50:07 -0700 (PDT)
Received: from ([]) by with esmtpa (Exim 4.68) (envelope-from <>) id 1Nwcm3-000AKQ-SI; Tue, 30 Mar 2010 14:50:35 +0000
Received: from [] (localhost []) by (Postfix) with ESMTP id B593C60B8; Tue, 30 Mar 2010 14:50:33 +0000 (UTC)
X-Mail-Handler: MailHop Outbound by DynDNS
X-Report-Abuse-To: (see for abuse reporting information)
X-MHO-User: U2FsdGVkX1/tidMqsErf3Zna3rlaZtOJZ38Y+W/+i0o=
Message-ID: <>
Date: Tue, 30 Mar 2010 09:50:35 -0500
From: Marsh Ray <>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: Gecko/20100216 Thunderbird/3.0.2
MIME-Version: 1.0
To: "Kemp, David P." <>
References: <> <> <> <><> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.0.1
OpenPGP: id=1E36DBF2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: TLS Mailing List <>
Subject: Re: [TLS] [POSSIBLE SPAM] Re: Asking the browser for a different certificate
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 30 Mar 2010 14:51:38 -0000

On 3/30/2010 9:24 AM, Kemp, David P. wrote:
> ADH is a pretty standard way of
> reducing ID exposure from an infinite number of attackers down to 1
> active party

It doesn't reduce it to one active party because Malloy can't know any
better than Alice or Bob if one of his connections is itself being MITM'd.

One could imagine amusing scenarios where AT&T and China bump into each
other on the wire and begin to argue "hey, buddy, go get your own
Facebook connection".

> and 0 passive parties.  That's a fairly significant
> reduction.

Defeating passive eavesdropping is important, but it's sufficient in

In the past, people were on shared Ethernet and would naturally be in a
position to quietly observe every packet going by.

For several common types of attacks today it's no harder to modify the
packets than it is to observe them. Think of China and Pakistan DNS- and
BGP-jacking YouTube for recent examples.

- Marsh