Notes for March 6, 1998
- Greetings and felicitations!
- Reading: Pfleeger, pp. 377-426; Garfinkel & Spafford, pp.
449-478, 669-700
- Puzzle
- PEM, PGP
- Goals: confidentiality, authentication, integrity, non-repudiation
(maybel)
- Design goals: drop in (not change), works with any RFC 821-conformant MTA
and any UA, and exchange messages without prior interaction
- Use of Data Exchange Key, Interchange Key
- Review of how to do confidentiality, authentication, integrity with public
key IKs
- Details: canonicalization, security services, printable encoding (PEM)
- Certificate-based key management
- PGP v. PEM
- Certificates
- Binding key to name, notion of issuer
- PEM trust hierarchy, certificate types
- X.509/PGP web of trust model
- Common Implementation Vulnerabilities
- Unknown interaction with other system components (DNS entry with bad names,
assuming finger port is finger and not chargen)
- Overflow (year 2000, lpr overwriting flaw, sendmail large integer flaw, su
buffer overflow)
- Race conditions (xterm flaw, ps flaw)
- Environment variables (vi one-upsmanship, loadmodule)
- Not resetting privileges (Purdue Games incident)
[ ended here ]
You can also see this document
in its native format,
in Postscript,
in PDF,
or
in ASCII text.
Send email to
cs153@csif.cs.ucdavis.edu.
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 3/9/98