Re: [websec] Comments on draft-ietf-websec-key-pinning-06
Trevor Perrin <trevp@trevp.net> Mon, 24 June 2013 21:06 UTC
Return-Path: <trevp@trevp.net>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 530D521E813B for <websec@ietfa.amsl.com>; Mon, 24 Jun 2013 14:06:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.425
X-Spam-Level:
X-Spam-Status: No, score=-0.425 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GWDb-inxaVu7 for <websec@ietfa.amsl.com>; Mon, 24 Jun 2013 14:06:22 -0700 (PDT)
Received: from mail-we0-x235.google.com (mail-we0-x235.google.com [IPv6:2a00:1450:400c:c03::235]) by ietfa.amsl.com (Postfix) with ESMTP id AD77C21E811B for <websec@ietf.org>; Mon, 24 Jun 2013 14:06:21 -0700 (PDT)
Received: by mail-we0-f181.google.com with SMTP id p58so8311671wes.26 for <websec@ietf.org>; Mon, 24 Jun 2013 14:06:13 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=br9jxQXqR2cE5sdxUww01G6r9wfMmLwmlIXIw2kEOro=; b=oZfnsZR2Co3eWoUtfCDMX7mMTLhk1neVhiXVGS+aNdLpQw3cawesQYeegqX84JYe5b aNkgLm9UadC8htHDhWIhVb6+jrbREMRY0YBLqE858qXTHuIiktO/wgflPzOU9jGwt8ps 4JSLmBJlgWtn8pm1WgobyaKQ+XAh+pLLT6Kj12xSVHzU8fp9K5xwoMaMfIE/YzCb6LZv aheG4ATYpw+u9U2Cly8kd0Z51U4VJ0FDW4ty731y0ltY2SuUyCtPepTZbwt5jgI3qsSE QAxPGacXzN/CbBKfI7mjzv1Q7JHbStzXQ4o6WJQOBRpmQ2iWmnT3Bf8RJk57lAFbzAgl Y55Q==
MIME-Version: 1.0
X-Received: by 10.180.83.200 with SMTP id s8mr7068054wiy.48.1372107973398; Mon, 24 Jun 2013 14:06:13 -0700 (PDT)
Received: by 10.216.212.9 with HTTP; Mon, 24 Jun 2013 14:06:13 -0700 (PDT)
X-Originating-IP: [12.27.66.5]
In-Reply-To: <51C7EECC.3020108@gondrom.org>
References: <8c03997da80b4e8da7100491011b8c12@BN1PR03MB039.namprd03.prod.outlook.com> <6F2FE5F2-D02C-4B09-A6CA-7C3B63722E34@checkpoint.com> <CAGZ8ZG32cRRU3rQ31cN0ZB78_Oxn7E4LpyTpYi0bT59jhzNuiw@mail.gmail.com> <51C7EECC.3020108@gondrom.org>
Date: Mon, 24 Jun 2013 14:06:13 -0700
Message-ID: <CAGZ8ZG0UiE9PJgscA+6yOqJxY_UWmjZfexdj+5w12wt=ChhziA@mail.gmail.com>
From: Trevor Perrin <trevp@trevp.net>
To: Tobias Gondrom <tobias.gondrom@gondrom.org>
Content-Type: multipart/alternative; boundary="14dae9cc92d45928f804dfecc833"
X-Gm-Message-State: ALoCoQnmvol5ppapfe2y4nty89ar5Q2pkPTkzKb/owNhn4DIZa+UFMKkbB+FNLTeq4IfukNbx0S2
Cc: IETF WebSec WG <websec@ietf.org>, David Matson <dmatson@microsoft.com>
Subject: Re: [websec] Comments on draft-ietf-websec-key-pinning-06
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jun 2013 21:06:26 -0000
On Mon, Jun 24, 2013 at 12:01 AM, Tobias Gondrom <tobias.gondrom@gondrom.org > wrote: > > On 24/06/13 09:13, Trevor Perrin wrote: > > Depends on the number of pinned keys. Chrome's existing preloads [1] > have 9, 5, 19, 36, 2, and 2 keys. That's a mean of 12, which would be >500 > bytes with SHA256. > > IMHO the expected session will be 2 keys with SHA-160 to SHA-512 per host. > I don't know what the common case would be. The numbers I cited are from the Chromium's preloaded key pins: https://src.chromium.org/viewvc/chrome/trunk/src/net/http/transport_security_state_static.json Note that a commercial CA might have several subordinate and root certificates, with different keys. To pin yourself to this CA, you may need to list several of these keys, and to be conservative a site might pin multiple CAs. (Are you suggesting that sites would list both a SHA256 and SHA1 hash for each pinned key? That seems unnecessary.) > Just for my understanding: Do you think this will create too much header > overhead and there want to the reference to the pin? > I don't know how much data a site could add to every HTTP Response before it starts becoming a problem. But that's the issue David raised. If it's a real problem, the idea of putting pin assertions in, say, a JSON file at a "well-known" URI seems reasonable. E.g.: http://www.example.com/.well-known/public-key-pins Trevor
- [websec] Comments on draft-ietf-websec-key-pinnin… David Matson
- Re: [websec] Comments on draft-ietf-websec-key-pi… Yoav Nir
- Re: [websec] Comments on draft-ietf-websec-key-pi… Trevor Perrin
- Re: [websec] Comments on draft-ietf-websec-key-pi… Tobias Gondrom
- Re: [websec] Comments on draft-ietf-websec-key-pi… Trevor Perrin
- Re: [websec] Comments on draft-ietf-websec-key-pi… Chris Palmer
- Re: [websec] Comments on draft-ietf-websec-key-pi… Chris Palmer
- Re: [websec] Comments on draft-ietf-websec-key-pi… Tobias Gondrom
- Re: [websec] Comments on draft-ietf-websec-key-pi… Trevor Perrin
- Re: [websec] Comments on draft-ietf-websec-key-pi… Trevor Perrin
- Re: [websec] Comments on draft-ietf-websec-key-pi… Tobias Gondrom
- Re: [websec] Comments on draft-ietf-websec-key-pi… Phillip Hallam-Baker
- Re: [websec] Comments on draft-ietf-websec-key-pi… Trevor Perrin
- Re: [websec] Comments on draft-ietf-websec-key-pi… Phillip Hallam-Baker