5.3.2 Unauthorized SSTP Server Accepting Connections from a Genuine SSTP Client

In this scenario, a valid SSTP client is redirected by an attacker to an unauthorized SSTP server (for example, by DNS poisoning). The connection is terminated by the client at the SSL/TLS layer when the certificate validation check fails. It is recommended that the SSTP client validate that the common name and subject name in the server certificate match the host name to which the client established the connection. It is also recommended that the SSTP client validate that the server certificate contains either the "id-kp-serverAuth" or the "anyExtendedKeyUsage" extended key usage (EKU). See [RFC5280] section 4.2.1.12 for details on "id-kp-serverAuth" and "anyExtendedKeyUsage".

Figure 10: Client connecting to an unauthorized SSTP server
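The two client-side checks recommended above (host name against the certificate's subject CN and SAN DNS names, and presence of the id-kp-serverAuth or anyExtendedKeyUsage EKU), as an added example in Go that is not part of the specification or of any SSTP implementation; the host names, the self-signed test certificate built by makeCert and the function names are constructed for this example. The CN is compared explicitly because Go's own cert.VerifyHostname ignores the CN; in a real client these checks run after normal chain validation, for example from a tls.Config VerifyPeerCertificate callback.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// makeCert builds a self-signed test certificate (constructed for this
// example) with the given CN, SAN DNS names and EKUs, then parses it back.
// Errors are ignored because the template is fixed and known to be valid.
func makeCert(cn string, dns []string, ekus []x509.ExtKeyUsage) *x509.Certificate {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: cn},
		DNSNames:     dns,
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		ExtKeyUsage:  ekus,
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	cert, _ := x509.ParseCertificate(der)
	return cert
}

// checkSSTPServerCert applies the two checks recommended in the text: the
// connected host name must match the subject CN or a SAN DNS name
// (case-insensitively), and the EKU list must contain id-kp-serverAuth
// (x509.ExtKeyUsageServerAuth) or anyExtendedKeyUsage (x509.ExtKeyUsageAny).
// A non-nil error means the client must terminate the connection.
func checkSSTPServerCert(cert *x509.Certificate, host string) error {
	nameOK := strings.EqualFold(cert.Subject.CommonName, host)
	for _, d := range cert.DNSNames {
		nameOK = nameOK || strings.EqualFold(d, host)
	}
	if !nameOK {
		return fmt.Errorf("server certificate name does not match host %q", host)
	}
	for _, eku := range cert.ExtKeyUsage {
		if eku == x509.ExtKeyUsageServerAuth || eku == x509.ExtKeyUsageAny {
			return nil
		}
	}
	return fmt.Errorf("server certificate lacks id-kp-serverAuth or anyExtendedKeyUsage EKU")
}
```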