On Tue, Jul 27, 2010 at 10:10:54PM -0600, Paul Tiemann wrote: > I like the idea of SSL pinning, but could it be improved if statistics > were kept long-term (how many times I've visited this site and how > many times it's had certificate X, but today it has certificate Y from > a different issuer and certificate X wasn't even near its expiration > date...)
My preference would be for doing something like SCRAM (and other SASL/GSS mechanisms) with channel binding (using tls-server-end-point CB type). It has the effect that the server can confirm that the certificate seen by the client is the correct one -- whereas the server cannot do that in the "SSL pinning" approach. It'd have other major benefits as well. The problem is: there's no standard way to do this in web browser applications. Worse, there's not even any prototypes. I also like the Moonshot approach. > Another thought: Maybe this has been thought of before, but what about > emulating the Sender Policy Framework (SPF) for domains and PKI? > Allow each domain to set a DNS TXT record that lists the allowed CA > issuers for SSL certificates used on that domain. (Crypto Policy > Framework=CPF?) Better yet: use DNSSEC and publish TLS EE certs in the DNS. Nico -- --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
