Re: [websec] Certificate Pinning via HSTS
Phillip Hallam-Baker <hallam@gmail.com> Wed, 14 September 2011 13:24 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 443BB21F8CB0 for <websec@ietfa.amsl.com>; Wed, 14 Sep 2011 06:24:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.429
X-Spam-Level:
X-Spam-Status: No, score=-3.429 tagged_above=-999 required=5 tests=[AWL=0.169, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UuQAoQMj0JuA for <websec@ietfa.amsl.com>; Wed, 14 Sep 2011 06:24:51 -0700 (PDT)
Received: from mail-gw0-f44.google.com (mail-gw0-f44.google.com [74.125.83.44]) by ietfa.amsl.com (Postfix) with ESMTP id 75C4521F8C00 for <websec@ietf.org>; Wed, 14 Sep 2011 06:24:51 -0700 (PDT)
Received: by gwb20 with SMTP id 20so337817gwb.31 for <websec@ietf.org>; Wed, 14 Sep 2011 06:27:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=VI0noTB19GEXZjjJjxshFDduUHHFKkOix9/DjQEDe6c=; b=hs+LP6+tiO1RBJBfp/YhS20u6n3RDetW9c+KhJFzBEGGBBcWwgz/RAZvfbenaRZyHD BQS1tXDs+FU0IvAiLYlyZJOB+t/19ek9cpzsAcBDsCY1LuOdjAUUvnh1+XoEjR1944v6 EF03HslETzZRTAU+Z4HTxRH/DnwyzHmesbycY=
MIME-Version: 1.0
Received: by 10.100.55.34 with SMTP id d34mr1100376ana.30.1316006820119; Wed, 14 Sep 2011 06:27:00 -0700 (PDT)
Received: by 10.100.120.20 with HTTP; Wed, 14 Sep 2011 06:26:59 -0700 (PDT)
In-Reply-To: <498A0E83-7C80-4226-9D69-7A7E93D8C929@bbn.com>
References: <CAOuvq22p2qNnXRsK=PS=mxknnq4MrCWt0Np-N8su-iHXaWHqpg@mail.gmail.com> <498A0E83-7C80-4226-9D69-7A7E93D8C929@bbn.com>
Date: Wed, 14 Sep 2011 09:26:59 -0400
Message-ID: <CAMm+Lwio=Uo5jbm9vCPohbLsZr5iq5OZax1t4zy+_kqbs-5qpA@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: "Richard L. Barnes" <rbarnes@bbn.com>
Content-Type: multipart/alternative; boundary="001485f6d9f409047604ace6b746"
Cc: Chris Evans <cevans@google.com>, websec@ietf.org
Subject: Re: [websec] Certificate Pinning via HSTS
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Sep 2011 13:24:56 -0000
Or maybe DANE should consider migrating to the WEBSEC approach. I was pushing for DANE to consider the pinning and 'must be SSL' approach from the start. The consensus of the group has been that they don't want to consider those use cases at all. Furthermore the response I have got from the key contributors has been 'we don't want to consider those issues because we can't understand the issues and have no interest in attempting to do so'. The reason that I was pushing hard to get the use of prefixes fixed was because I have been looking at these use cases for two years now and I don't see the naive prefix approach that has been insisted on will allow for effective security policy. If you want DANE to be compatible with the WebSec approach I suggest that DANE make the accommodations to the deployed HTTP and TLS infrastructure rather than propose a completely new infrastructure and then demand that everyone work around the legacy you have just created. There is 20 years of Web legacy. It is big, ugly and complex. There is 0 years of DANE legacy. PKI is really hard for reasons that go beyond the syntax and structure of X.509v3. The complexity of PKIX comes mostly from the fact that the original design did not have enough flexibility to meet real world needs and so a heck of a lot that should have been in the core ended up as ad-hoc extensions and patches. In particular X.509 was originally designed round a PEM style monolithic hierarchy. On Mon, Sep 12, 2011 at 8:54 PM, Richard L. Barnes <rbarnes@bbn.com> wrote: > Hey Chris & Chris, > > This seems like a useful near-term approach, but also probably something > that might want to migrate to DANE over time. > > Is there any particular reason you're using key fingerprints instead of > cert fingerprints? It seems like the latter might be slightly easier to > implement, since you don't have to parse the cert. > > --Richard > > > > On Sep 12, 2011, at 5:56 PM, Chris Palmer wrote: > > > Hi all, > > > > Chris Evans and I work at Google on the Chrome security team. We have > > devised this specification for a new extension to Strict Transport > > Security to allow site operators to "pin" certificates: UAs will > > require that TLS connections be validated with at least one of the > > public keys identified in the new "pins" directive in the HSTS header. > > (Sites can pin to one or more public keys in end entity, subordinate > > CA, and/or root CA certificates, for flexibility and disaster > > recovery.) > > > > We hope that this mechanism opens up the benefits of certificate > > pinning to more sites. Currently, Chrome can "pre-load" HSTS behavior > > and certificate pins for sites, but the mechanism for doing this > > (email us!) does not scale. > > > > We eagerly anticipate your comments, questions, concerns, et c. As you > > can see from the Ideas section, there are some unanswered questions > > about the behavior of UAs and hosts, and possible extensions to the > > policy. > > > <CertificatePinningExtensionforHSTS.pdf>_______________________________________________ > > websec mailing list > > websec@ietf.org > > https://www.ietf.org/mailman/listinfo/websec > > _______________________________________________ > websec mailing list > websec@ietf.org > https://www.ietf.org/mailman/listinfo/websec > -- Website: http://hallambaker.com/
- [websec] Certificate Pinning via HSTS Chris Palmer
- Re: [websec] Certificate Pinning via HSTS Richard L. Barnes
- Re: [websec] Certificate Pinning via HSTS SM
- Re: [websec] Certificate Pinning via HSTS =JeffH
- Re: [websec] Certificate Pinning via HSTS Richard L. Barnes
- Re: [websec] Certificate Pinning via HSTS Marsh Ray
- Re: [websec] Certificate Pinning via HSTS Yoav Nir
- Re: [websec] Certificate Pinning via HSTS Adam Langley
- Re: [websec] Certificate Pinning via HSTS James Nicoll
- Re: [websec] Certificate Pinning via HSTS Adam Langley
- Re: [websec] Certificate Pinning via HSTS Tobias Gondrom
- Re: [websec] Certificate Pinning via HSTS Tom Ritter
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Philip Gladstone
- Re: [websec] Certificate Pinning via HSTS Chris Palmer
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Chris Palmer
- Re: [websec] Certificate Pinning via HSTS Chris Palmer
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker