Re: [websec] New draft of HTTP header-based public key pinning
Chris Evans <cevans@google.com> Wed, 09 November 2011 03:59 UTC
Return-Path: <cevans@google.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A403811E80D7 for <websec@ietfa.amsl.com>; Tue, 8 Nov 2011 19:59:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.976
X-Spam-Level:
X-Spam-Status: No, score=-102.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5LsJkLa3fc3W for <websec@ietfa.amsl.com>; Tue, 8 Nov 2011 19:59:58 -0800 (PST)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id BE84E21F8511 for <websec@ietf.org>; Tue, 8 Nov 2011 19:59:58 -0800 (PST)
Received: by ywt2 with SMTP id 2so1559173ywt.31 for <websec@ietf.org>; Tue, 08 Nov 2011 19:59:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-system-of-record; bh=5qsPdkB0wghE7O5iPiVfwLhcQejW1mq8UKhcF7QA3PU=; b=jAmkj4Zpj9aDmP8MGd3g2vDyOsiXKpWl8M4qaJZ/QBQddNmuXm1SSPBxtYMBboiRdH UbP7+fQjabrrfjZUR5Yg==
Received: by 10.100.49.27 with SMTP id w27mr330259anw.134.1320811198150; Tue, 08 Nov 2011 19:59:58 -0800 (PST)
MIME-Version: 1.0
Received: by 10.100.49.27 with SMTP id w27mr330242anw.134.1320811197950; Tue, 08 Nov 2011 19:59:57 -0800 (PST)
Received: by 10.150.227.6 with HTTP; Tue, 8 Nov 2011 19:59:57 -0800 (PST)
In-Reply-To: <5EE049BA3C6538409BBE6F1760F328ABEBED718018@DEN-MEXMS-001.corp.ebay.com>
References: <CAOuvq21Ne0CWT3Dzn0sutGDBg0K+efZhxmqBZiLuxbO2OwxnFg@mail.gmail.com> <CA+cU71kFFpuooyiBTarvLT3VJigZhW0BgpQi1gMTn7zB=sFh+w@mail.gmail.com> <CAOuvq20uCZsp80yJ6gjeh-AGVswu3GTPuSYYCGyXPWpO-RJpsA@mail.gmail.com> <5EE049BA3C6538409BBE6F1760F328ABEBED718018@DEN-MEXMS-001.corp.ebay.com>
Date: Tue, 08 Nov 2011 19:59:57 -0800
Message-ID: <CAFmnb5+vSowXjnutYwqg59mOjxBQj4NySofU-ASYwQDreYqfNg@mail.gmail.com>
From: Chris Evans <cevans@google.com>
To: "Steingruebl, Andy" <asteingruebl@paypal-inc.com>
Content-Type: multipart/alternative; boundary="001485f87bb044ece404b145521f"
X-System-Of-Record: true
X-Mailman-Approved-At: Tue, 08 Nov 2011 21:35:43 -0800
Cc: Ian Fette <ifette@google.com>, IETF WebSec WG <websec@ietf.org>, Wan-Teh Chang <wtc@google.com>
Subject: Re: [websec] New draft of HTTP header-based public key pinning
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Nov 2011 04:00:18 -0000
On Tue, Nov 8, 2011 at 7:48 PM, Steingruebl, Andy < asteingruebl@paypal-inc.com> wrote: > > -----Original Message----- > > From: Chris Palmer > > > > > - There is no directive or suggestion to User Agents about saving or > > > not saving pins received in a private browsing mode. Maybe there > > > shouldn't be, but if a User-Agent does save them, the same 304/ETag > > > trick malicious sites use to track users can be created using certs > > > and subdomains. > > > > Yes, another person raised this concern, and it is real. I don't see a > way to > > resolve this problem; perhaps I am not smart enough, but I can't see a > way to > > have both dynamic pinning AND avoid this tracking attack. > > > > I am willing to add a paragraph about what browsers should do in private > > browsing mode, and I am willing to go either way on what the requirement > > should be. I don't know what is best. > > We battled this problem with HSTS as well. I think what Mozilla settled > on (and I don't remember the Chrome solution) is to use a different storage > mechanism when HSTS is *set* during private browsing mode, and clear on > exit from private browsing. > I recently fixed Chrome's behaviour here to be (barring regressions): - _New_ HSTS metadata encountered in incognito mode is saved in-memory for the duration of the incognito session, but never persisted to disk, or seen outside of the incognito windows. - Incognito mode _will_ use HSTS metadata that was already persisted to disk at the start of the incognito session. That seemed like a solid balance between the various privacy vs. security concerns. > Clearing history/cookies on the browser is similarly problematic for HSTS > and pinning. This is unfortunate in that we'd really like it to be hard > for users to clear HSTS state because it is "good for them". Not clear > whether this belongs in the spec, or a set of implementation guidelines. > Folks got squeamish here about talking about exact UA behavior, etc. > For Chrome, I believe it is tied to cookies: "Cookies and other site data". Last I talked with Sid at Firefox, they were thinking of splitting off cookies from other site data. I'm not sure where that went. It also gets complicated: is HTML5 database / indexed storage "cookies" or "other site data", etc. etc. I'd recommend we stay out of providing exact UA requirements here other than a "SHOULD" for providing _some_ user-friendly way to clear HSTS metadata. Realistically, it's a pretty small percentage of the browsing population that go in and fiddle with storage settings. Cheers Chris > There is a Firefox bugzilla bug about this issue, I'll try to go find it > and post back here unless someone beats me to it. > > - Andy > >
- [websec] New draft of HTTP header-based public ke… Chris Palmer
- Re: [websec] New draft of HTTP header-based publi… Tom Ritter
- Re: [websec] New draft of HTTP header-based publi… Chris Palmer
- Re: [websec] New draft of HTTP header-based publi… Steingruebl, Andy
- Re: [websec] New draft of HTTP header-based publi… Chris Evans
- Re: [websec] New draft of HTTP header-based publi… Yoav Nir
- Re: [websec] New draft of HTTP header-based publi… Julian Reschke
- Re: [websec] New draft of HTTP header-based publi… Adam Barth
- Re: [websec] New draft of HTTP header-based publi… Steingruebl, Andy
- Re: [websec] New draft of HTTP header-based publi… Adam Barth
- Re: [websec] New draft of HTTP header-based publi… Paul Hoffman
- Re: [websec] New draft of HTTP header-based publi… Adam Barth
- Re: [websec] New draft of HTTP header-based publi… Chris Palmer
- Re: [websec] New draft of HTTP header-based publi… Julian Reschke
- Re: [websec] New draft of HTTP header-based publi… Chris Palmer
- Re: [websec] New draft of HTTP header-based publi… Julian Reschke
- Re: [websec] New draft of HTTP header-based publi… Chris Palmer
- Re: [websec] New draft of HTTP header-based publi… Ryan Sleevi
- Re: [websec] New draft of HTTP header-based publi… Chris Palmer