[websec] HPKP and preloaded pin lists
Trevor Perrin <trevp@trevp.net> Thu, 20 June 2013 21:09 UTC
Return-Path: <trevp@trevp.net>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7F7311E8121 for <websec@ietfa.amsl.com>; Thu, 20 Jun 2013 14:09:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.806
X-Spam-Level:
X-Spam-Status: No, score=-0.806 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, RCVD_IN_SORBS_WEB=0.619, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BYlyl1nYwZ5I for <websec@ietfa.amsl.com>; Thu, 20 Jun 2013 14:09:41 -0700 (PDT)
Received: from mail-wg0-x22b.google.com (mail-wg0-x22b.google.com [IPv6:2a00:1450:400c:c00::22b]) by ietfa.amsl.com (Postfix) with ESMTP id 6C12411E8127 for <websec@ietf.org>; Thu, 20 Jun 2013 14:09:41 -0700 (PDT)
Received: by mail-wg0-f43.google.com with SMTP id z11so5997525wgg.22 for <websec@ietf.org>; Thu, 20 Jun 2013 14:09:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:date:message-id:subject:from:to :content-type:x-gm-message-state; bh=QFcNjirCx3CQuuPtQgcwyfMcGeIYJIrziyUdq0EBF/I=; b=LiuKdpkaZ1KyqansGiNtmgslKPgbFl4exE0H7wBrVGMAaMJsJbUZZJAbGtJTsB9b9b Qc10uHE9BQkaUOuAQ5yNJUbe0SWs2qvUO9wnGwdp6gIm4wWFruOetFVVASi+o23Cz8RL vFJOre4JQ8hOQKGMEdSTyNfKJYQ7RQ5pXrXbvT3PoeDvskWAYuT95D1Fb1fCGPf9HgFt Bh74G0Dr2LljxWs1+L5eg0K8D2Eaahd67qJWZkacjmjeX6zsFH2At2fJSBHgb377d0BC UgChVP1IOvxm2AAJfWAhScWV2NS5ue0ALZID3HCGRPAkrSJFnAmKtikxJssOBqnTf5N0 kwpg==
MIME-Version: 1.0
X-Received: by 10.194.24.135 with SMTP id u7mr6965845wjf.7.1371762580286; Thu, 20 Jun 2013 14:09:40 -0700 (PDT)
Received: by 10.216.212.9 with HTTP; Thu, 20 Jun 2013 14:09:40 -0700 (PDT)
X-Originating-IP: [208.70.28.214]
Date: Thu, 20 Jun 2013 14:09:40 -0700
Message-ID: <CAGZ8ZG1iyKVB4y7V_1VxThXJWv5BD2Sy0S8dvqzVU=6Tj1sdSg@mail.gmail.com>
From: Trevor Perrin <trevp@trevp.net>
To: IETF WebSec WG <websec@ietf.org>
Content-Type: multipart/alternative; boundary="047d7b5d304a50841004df9c5df1"
X-Gm-Message-State: ALoCoQl1bPOkE7kKQ+qV5rmjXNFBJO9N3hPwrsDtsF8Ei9uCZvoHGNFJAI9E3m84S9tltaNXcSxS
Subject: [websec] HPKP and preloaded pin lists
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 21:09:47 -0000
Hi, I'm not sure I understand section 2.7 on "Interactions With Preloaded Pin Lists". At first glance it seems clear: Both preloaded and dynamic pins MUST store the "Effective Pin Date" when the pin was most recently observed, and browsers MUST use only the most recent information. E.g.: T10 - Crawler notes a pin for "example.com" T15 - Browser notes a different pin for "example.com" T20 - Crawler sends preloaded pin to Browser In this case, the browser MUST ignore the preloaded pin, and only apply the pin it noted at T15. But what if the browser-noted pin has a max-age of 0 or 1? Or what if the T15 connection occurs over a secure transport but has no PKP header? The spec says: "If the result of noting a Valid Pinning Header is to disable pinning for the host, such as through supplying a max-age directive with a value of 0, UAs MUST allow this new information to override any other pinning data. That is, a host must be able to un-pin itself, even in the presence of built-in pins." That seems to imply the browser needs to remember "un-pinning" responses it receives (i.e. max-age=0 or no PKP header), and expired pins, on the chance that any of these might "un-pin" a preloaded pin it receives later? That seems fairly complicated, and rather inflexible (I could imagine a browser might trust its preload data more than dynamic data, and prefer that take precedence). So what if browsers were simply allowed to apply *either* the preload or dynamic pin, or both? The browser could choose to apply a complex, time-based algorithm like above, or do something simpler like apply both pins, or let preloads take precedence. This also allows for implementations which don't need to store either the "Effective Pin Date" (only the expiration time), or "un-pinning" entries. Thoughts? Trevor
- [websec] HPKP and preloaded pin lists Trevor Perrin
- Re: [websec] HPKP and preloaded pin lists Joseph Bonneau
- Re: [websec] HPKP and preloaded pin lists Yoav Nir