1. SSL Trust Pitfalls Prof. Ravi Sandhu

2. 2 © Ravi Sandhu 2006 SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA Record Protocol Handshake Protocol

3. 3 © Ravi Sandhu 2006 CLIENT-SIDE SSL (OR 2-WAY) HANDSHAKE WITH RSA Record Protocol Handshake Protocol

4. 4 © Ravi Sandhu 2006 MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL X Q A R ST CEGIKMO abcdefghijklmnop

5. 5 © Ravi Sandhu 2006 MULTIPLE ROOT CAs PLUS INTERMEDIATE CAs MODEL Essentially the model on the web today Deployed in server-side SSL mode Client-side SSL mode yet to happen

6. 6 © Ravi Sandhu 2006 SERVER-SIDE MASQUARADING Bob Web browser www.host.com Web server Server-side SSL Ultratrust Security Services www.host.com

7. 7 © Ravi Sandhu 2006 SERVER-SIDE MASQUARADING Bob Web browser www.host.com Web server Server-side SSL Ultratrust Security Services www.host.com Mallorys Web server BIMM Corporation www.host.com Server-side SSL

8. 8 © Ravi Sandhu 2006 SERVER-SIDE MASQUARADING Bob Web browser www.host.com Web server Server-side SSL Ultratrust Security Services www.host.com Mallorys Web server Server-side SSL BIMM Corporation Ultratrust Security Services www.host.com

9. 9 © Ravi Sandhu 2006 REFERENCES "The problem with multiple roots in Web browsers-certificate masquerading" by Hayes, J.M. Proceedings Seventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, IEEE 1998. (WET ICE '98) 17-19 June 1998 Page(s): 306 -311.