Re: ecommerce / ssl over 3g ?



Mike H wrote:
> IIRC, as SSL is initiated, the client requests a key from the site. The
> proxy, sitting in the middle of this exchange, grabs this request, and
> requests one from the site itself instead. This way it gets the key! It then
> sends the response on to the client.

This is perfectly possible: however your proxy will not be able to re-encode the stream since it doesn't know the private key.


The only way (as I said before) for a proxy to intercept a request in this way is for it to pass the request to the server, decrypt it and then re-encrypt in its own SSL channel - at which point the encrypting certificate would not match the site certificate and the browser would complain bitterly.

If what you said were true then a Man-In-The-Middle attack would be a piece of cake and SSL would be a complete waste of time.

The only way 3 could make this work is by having their own key set as a trusted signing authority in every single client which would be accessing the internet through their proxy, including every browser on a computer that could be connected through a phone, and then generate on-the-fly their own signed certificate for every SSL site requested.

I suppose this could be construed as "how you have your proxy set up" but it requires an explicit action by the phone manufacturer or the OEM supplier and even then it would still fail for people browsing on their laptops using their phone as a modem (with bluetooth or whatever).

Further, I imagine that any ISP attempting to do this kind of thing would soon find themselves in a pile of public-relations doo-doo significantly bigger and smellier than anything Sony are experiencing right now.

Geoff
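
The trust-store argument in the message above, as an added example that is not part of the original post: it uses the `openssl` CLI to build one CA for the site and one for the proxy, then checks a certificate re-signed by the proxy against a client with and without the proxy's CA installed. The names `site-ca`, `proxy-ca` and `shop.example` are constructed for the demo.

```shell
#!/usr/bin/env bash
# Constructed demo: site-ca, proxy-ca and shop.example are made-up names.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca <name>: self-signed CA key and certificate.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue_leaf <ca> <name> <host>: certificate for <host>, signed by <ca>.
issue_leaf() {
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$2.csr" -days 1 -CAcreateserial \
    -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" -out "$WORK/$2.pem" 2>/dev/null
}

# check <trusted-ca> <leaf>: what a client trusting only <trusted-ca> decides.
check() {
  if openssl verify -CAfile "$WORK/$1.pem" "$WORK/$2.pem" >/dev/null 2>&1
  then echo accept; else echo reject; fi
}

make_ca site-ca
make_ca proxy-ca
issue_leaf site-ca  genuine  shop.example   # what the real site presents
issue_leaf proxy-ca resigned shop.example   # same hostname, proxy's own key

echo "stock client, genuine cert:        $(check site-ca genuine)"
echo "stock client, proxy-signed cert:   $(check site-ca resigned)"
echo "client with proxy CA preinstalled: $(check proxy-ca resigned)"
```

The middle case is the tethered laptop from the message: same hostname in the certificate, but no chain to anything the client trusts, so validation fails.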