
Microsoft alerts cannot be verified

Thursday 26 July 2001, 22:34 by the editors, 1 comment

Microsoft's announcements about security problems turn out to be unverifiable: the electronic signature with which the messages are signed does not check out. Earlier this month a fake Microsoft alert was already circulating, which attempted to get unsuspecting users to download a Trojan horse.

Comments (1)
27-07-2001, 08:27 by Anonymous
There are several issues here, some of which relate to the mailer, some of which involve Microsoft's signing process, and some of which involve how the PGP product works. I'll do my best to explain what's happening, but if you have questions about using PGP, Network Associates is really the authoritative information source.

The signature status and the key validity are two different issues entirely. The signature status ("good" in your note below) means that the signature was successfully verified. This tells you that the email hasn't been tampered with in transit, and that the public key you used to verify it is the mate to the private key that was used to sign it. What this does *not* tell you is whether the key is actually the Microsoft key -- that's what the validity indicator tells you. In the case you cited below, the validity indicator ("invalid") means that PGP couldn't certify that the key actually is the Microsoft key. There's a fine shade of meaning here that's very important. "Invalid" doesn't mean that the key isn't the Microsoft key, only that PGP couldn't confirm that it's the Microsoft key. PGP assesses the validity of a key by seeing whether anyone you trust has vouched for its authenticity by signing it. In this case, it says that the key is invalid because nobody you trust has signed it.

As you noted, there are two signatures on the key. One is a self-signature; the other belongs to a group called MS-CERT. Because you don't have MS-CERT's key in your keyring, its signature on the key is meaningless -- it doesn't have any bearing on the key's validity one way or the other. We don't ask other parties to sign our key because there are over 150,000 subscribers to our notification service, and it's unlikely that there is a key (or even a reasonable set of keys) that is trusted by all of them. Instead, we provide a different way to validate that you've downloaded the bona fide Microsoft key. You can download the key via an SSL session, and when downloading the key you can check the certificate to confirm that you're actually at the Microsoft web site. After downloading it, you can check the key's fingerprint against the one posted on the download page and confirm that they're the same. (BTW, you're right that the page on the mailer is currently returning an error. We're working to get it returned to service, but in the meantime an alternative URL is http://www.microsoft.com/technet/security/bulletin/notify.asp).

Because the validity assessment from PGP is based on whether someone you trust has signed the key, you can, if you like, make the key valid by signing it yourself. However, there's no requirement to do this -- PGP doesn't require that the key be shown as valid in order to use it to verify the signature. If you do decide to sign the key, you should only do so after confirming via one of the methods above that it really is the Microsoft key. Don't simply sign the key in order to make the error message go away.

You're right that the name on the signing key (secure@microsoft.com) is different from the address that sent the email (secnotif@microsoft.com). However, this has nothing to do with whether the signature can be verified, nor does it have anything to do with PGP's validity assessment. When verifying the signature, PGP selects the right key in your keyring based on the name associated with the signing key. The "from" address on the email doesn't play any part in verifying the signature. We use the secure@microsoft.com key to sign bulletin mailers in order to minimize the number of Microsoft keys customers have to have in their PGP keyrings. We need to have a key that customers can use to send us encrypted mail at secure@microsoft.com, and we also need one we can use to sign bulletin mailers. We concluded that we could avoid a certain amount of confusion by using the same key for both purposes.

As you noted, there have been a number of bogus bulletin mailers circulating lately, and it's a good idea to always confirm the signature on any mailer you receive. The signature verification on a mail could fail for any of a number of innocuous reasons -- the Notification Service's list server might flip a bit, the mail viewer on your local machine might reformat the mail when displaying it, etc -- or it could be a bogus mailer sent by a malicious user. The signature verification process doesn't give you any way to know which is the case. Anytime the signature verification fails, the best course of action is to visit http://www.microsoft.com/technet/security and view the web-hosted version of the bulletin. The version on the web is always the authoritative version.

Hope that helps explain the situation. There's more information on this subject available at http://www.microsoft.com/technet/itsolutions/security/news/bogus.asp.
Regards,

Scott Culp
Security Program Manager
Microsoft Security Response Center
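As an added illustration (not part of the news item or of the reply above), the following Python model implements the rule the reply describes: signature status and key validity are assessed independently, a certification from a key that is not in your keyring (such as MS-CERT) carries no weight, and the key only becomes valid once you have compared its fingerprint with the one published out of band and signed it with your own, trusted key. The key material, the fingerprints and the reader's own address are constructed for the example; the user IDs secure@microsoft.com and MS-CERT come from the reply.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class PublicKey:
    user_id: str
    material: bytes                                     # constructed stand-in for the key packet
    certifications: set = field(default_factory=set)    # user IDs of keys that signed this key

    def fingerprint(self) -> str:
        # PGP fingerprints hash the public key packet; SHA-1 over the stand-in material here.
        return hashlib.sha1(self.material).hexdigest().upper()


class Keyring:
    def __init__(self, own_id: str):
        self.own_id = own_id
        self.keys: dict[str, PublicKey] = {}
        self.trusted: set[str] = {own_id}   # introducers whose certifications count; your own key always does

    def add(self, key: PublicKey) -> None:
        self.keys[key.user_id] = key

    def validity(self, user_id: str) -> str:
        # Valid only if a signer you trust has certified the key.
        key = self.keys[user_id]
        for signer in key.certifications:
            if signer == user_id:           # self-signature says nothing about who owns the key
                continue
            if signer not in self.keys:     # certifier unknown (e.g. MS-CERT): no bearing either way
                continue
            if signer in self.trusted:
                return "valid"
        return "invalid"

    def certify(self, user_id: str, published_fingerprint: str) -> bool:
        # Sign the key with your own key only after its fingerprint matches the one
        # obtained out of band (e.g. from the SSL-protected download page).
        key = self.keys[user_id]
        if key.fingerprint() != published_fingerprint.replace(" ", "").upper():
            return False
        key.certifications.add(self.own_id)
        return True


def assess(ring: Keyring, signature_ok: bool, signing_key_id: str) -> tuple:
    # Two separate answers: was the mail intact and signed by this key (status),
    # and is this key really the claimed sender's (validity)?
    status = "good" if signature_ok else "bad"
    return status, ring.validity(signing_key_id)
```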