[websec] HPKP: Cross-signing with a self-signed certificate and pinning that cert?

jxtps435 <jxtps435@gmail.com> Mon, 21 September 2015 23:18 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/websec/dEbch5c7OCLbYdgjYkOjEzeT2LY>

I'm interested in implementing HPKP on my sites, but it is a bit tricky to
do:

- We add / remove websites from a single SAN certificate on a semi-regular
basis.

- Our CA recently switched out at least their intermediate, if not their
root cert in response to the SHA1 -> SHA256 transition.

- We'd like to be able to switch root CA for business reasons.

So pinning any of these certs seems like a recipe for disaster (maybe
things won't change in the future, but when they have demonstrably changed
in the past I would / should get fired if I don't take that into account).

So basically, I need to be able to switch out our certificates at any time,
for any reason, to any CA, without bricking our sites, to be able to use
HPKP.

Sounds impossible, right?

But wait. What if I could cross-sign my certificates with a self-signed
certificate and pin that certificate?

So the browser would trust the regular root CA's authority, but it would do
the pinning to my not-at-all-trusted self-signed certificate, enabling me
to update my certs whenever I want, and as long as I can keep my
self-signed cert safe no-one else can tamper with our sites.

Would that work in theory? Would that work with current implementations?
Thoughts?


(I don't know the details of cross-signing, but apparently Google does it:
http://googleonlinesecurity.blogspot.com/2015/09/disabling-sslv3-and-rc4.html
)
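
As an added illustration (not part of the original message), this Python sketch models the RFC 7469 checks the question turns on: pins are hashes of SubjectPublicKeyInfo, a connection passes if any key in the validated chain is pinned, and a header is only noted when it also carries a backup pin outside that chain. The key bytes are constructed stand-ins, the helper names are hypothetical, and it assumes the self-signed certificate is not part of the chain the browser validates to the trusted root.

```python
import base64, hashlib

def spki_pin(spki_der: bytes) -> str:
    """RFC 7469 pin: base64 of SHA-256 over the DER SubjectPublicKeyInfo."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

def parse_pkp(header: str):
    """Return (set of pin-sha256 values, max-age or None) from a Public-Key-Pins value."""
    pins, max_age = set(), None
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        value = value.strip().strip('"')
        if name.lower() == "pin-sha256":
            pins.add(value)
        elif name.lower() == "max-age" and value.isdigit():
            max_age = int(value)
    return pins, max_age

def chain_matches(chain_spkis, pins) -> bool:
    """Pin validation: at least one key in the validated chain must be pinned."""
    return any(spki_pin(k) in pins for k in chain_spkis)

def can_note_pins(chain_spkis, header) -> bool:
    """Noting needs max-age, a pin inside the chain and a backup pin outside it."""
    pins, max_age = parse_pkp(header)
    chain = {spki_pin(k) for k in chain_spkis}
    return max_age is not None and bool(pins & chain) and bool(pins - chain)

# Constructed stand-ins for DER SubjectPublicKeyInfo bytes (not real keys).
LEAF_KEY, SPARE_KEY, SELF_SIGNED = b"spki:site-leaf", b"spki:offline-spare", b"spki:own-root"
OLD_CA = [b"spki:ca-a-intermediate", b"spki:ca-a-root"]
NEW_CA = [b"spki:ca-b-intermediate", b"spki:ca-b-root"]

def header_for(*keys, max_age=5184000):
    pins = "; ".join(f'pin-sha256="{spki_pin(k)}"' for k in keys)
    return f"{pins}; max-age={max_age}"

def scenarios():
    # Assumption: the same site key pair is reused when the issuing CA changes.
    key_pins, _ = parse_pkp(header_for(LEAF_KEY, SPARE_KEY))
    ca_pins, _ = parse_pkp(header_for(OLD_CA[0], SPARE_KEY))
    own_pins, _ = parse_pkp(header_for(SELF_SIGNED, SPARE_KEY))
    return {
        "site key pinned, CA switched": chain_matches([LEAF_KEY] + NEW_CA, key_pins),
        "old intermediate pinned, CA switched": chain_matches([LEAF_KEY] + NEW_CA, ca_pins),
        "self-signed pinned, outside chain": chain_matches([LEAF_KEY] + OLD_CA, own_pins),
    }

if __name__ == "__main__":
    print(scenarios())
```
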