This looks like a pretty serious (but fixable) design flaw in ACME / Let's Encrypt: https://mailarchive.ietf.org/arch/msg/acme/F71iz6qq1o_QPVhJCV4dqWf-4Yc …
-
-
Replying to @bascule
PROTIP: the security of a digital signature algorithm is in the keys. Do not try to use a signature alone to decide if you trust a key
1 reply 0 retweets 4 likes -
Replying to @bascule
I believe the ACME signature-under-an-untrusted-key attack is technically known as an unknown key-share attack
2 replies 0 retweets 4 likes
Replying to @trevp__
@trevp__ Thanks for that pointer! It led me to http://eprint.iacr.org/2011/343 , which describes the attack perfectly. @bascule
4:09 PM - 12 Aug 2015
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.