I always get the "invalid name" attached to an XP-generated certificate (see attachment). This error condition is not dependent on the length of time a certificate is present, but exists from the time it is installed. Check the mitigating factors (below) ... do you think the problem could be related to the CryptoAPI?

Technical description:

The IETF Profile of the X.509 certificate standard defines several optional fields that can be included in a digital certificate. One of these is the Basic Constraints field, which indicates the maximum allowable length of the certificate's chain and whether the certificate is a Certificate Authority or an end-entity certificate. However, the APIs within CryptoAPI that construct and validate certificate chains (CertGetCertificateChain(), CertVerifyCertificateChainPolicy(), and WinVerifyTrust()) do not check the Basic Constraints field. The same flaw, unrelated to CryptoAPI, is also present in several Microsoft products for Macintosh.

The vulnerability could enable an attacker who had a valid end-entity certificate to issue a subordinate certificate that, although bogus, would nevertheless pass validation. Because CryptoAPI is used by a wide range of applications, this could enable a variety of identity spoofing attacks. These are discussed in detail in the FAQ, but could include:

- Setting up a web site that poses as a different web site, and "proving" its identity by establishing an SSL session as the legitimate web site.
- Sending emails signed using a digital certificate that purportedly belongs to a different user.
- Spoofing certificate-based authentication systems to gain entry as a highly privileged user.
- Digitally signing malware using an Authenticode certificate that claims to have been issued to a company users might trust.

Mitigating factors:

Overall:

- The user could always manually check a certificate chain, and might notice in the case of a spoofed chain that there was an unfamiliar intermediate CA.
- Unless the attacker's digital certificate were issued by a CA in the user's trust list, the certificate would generate a warning when validated.
- The attacker could only spoof certificates of the same type as the one he or she possessed. In the case where the attacker attempted an attack using a high-value certificate such as Authenticode certificates, this would necessitate obtaining a legitimate certificate of the same type - which could require the attacker to prove his or her identity or entitlement to the issuing CA.
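
As an added illustration (not part of the original post or the quoted bulletin), here is a minimal model of the Basic Constraints check that the bulletin says the chain-validation APIs omitted. The `Cert` class, the names and the sample chains are constructed for this example; signature, name-chaining and self-issued-certificate handling are assumed to be done elsewhere.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class Cert:
    """Constructed model: only the fields this check needs."""
    subject: str
    issuer: str
    is_ca: bool = False             # basicConstraints cA flag; absent extension means False
    path_len: Optional[int] = None  # pathLenConstraint; None means no limit

def check_basic_constraints(chain: List[Cert]) -> List[str]:
    """chain[0] is the end-entity certificate, chain[-1] the root.
    Returns a list of violations; an empty list means the chain passes."""
    errors = []
    for i in range(len(chain) - 1):
        child, issuer = chain[i], chain[i + 1]
        if not issuer.is_ca:
            # An end-entity certificate may never act as an issuer.
            errors.append(f"{issuer.subject} is not a CA but issued {child.subject}")
        elif issuer.path_len is not None and i > issuer.path_len:
            # i = number of intermediate CA certificates between issuer and leaf.
            errors.append(f"{issuer.subject} pathLenConstraint={issuer.path_len} "
                          f"exceeded: {i} intermediate CA(s) below it")
    return errors

# Constructed sample certificates (hypothetical names).
ROOT = Cert("Root CA", "Root CA", is_ca=True)
ISSUING = Cert("Issuing CA", "Root CA", is_ca=True)
EE = Cert("shop.example.test", "Issuing CA")          # legitimate end-entity
BOGUS = Cert("bank.example.test", "shop.example.test")  # issued by the end-entity
LIMITED = Cert("Limited CA", "Root CA", is_ca=True, path_len=0)
SUB = Cert("Sub CA", "Limited CA", is_ca=True)
LEAF2 = Cert("mail.example.test", "Sub CA")

GOOD = [EE, ISSUING, ROOT]
SPOOFED = [BOGUS, EE, ISSUING, ROOT]     # the case described in the bulletin
TOO_DEEP = [LEAF2, SUB, LIMITED, ROOT]   # chain longer than Limited CA allows

if __name__ == "__main__":
    for name, chain in (("GOOD", GOOD), ("SPOOFED", SPOOFED), ("TOO_DEEP", TOO_DEEP)):
        print(name, check_basic_constraints(chain) or "ok")
```

A validator that skips this loop accepts the SPOOFED chain, because every signature in it is genuine; only the cA flag shows that the end-entity certificate had no authority to issue.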