On Tue, Apr 14, 2015 at 7:01 AM, Aryeh Gregor <a...@aryeh.name> wrote:
> On Tue, Apr 14, 2015 at 3:36 PM, Gervase Markham <g...@mozilla.org> wrote: > > Yep. That's the system working. CA does something they shouldn't, we > > find out, CA is no longer trusted (perhaps for a time). > > > > Or do you have an alternative system design where no-one ever makes a > > mistake and all the actors are trustworthy? > > No, but it would make sense to require that sites be validated through > a single specific CA, rather than allowing any CA to issue a > certificate for any site. That would drastically reduce the scope of > attacks: an attacker would have to compromise a single specific CA, > instead of any one of hundreds. IIRC, HSTS already allows this on an > opt-in basis. This is called "pinning". https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning https://tools.ietf.org/html/draft-ietf-websec-key-pinning-21 > If validation was done via DNSSEC instead of the > existing CA system, this would follow automatically, without sites > having to commit to a single CA. Note that pinning does not require sites to commit to a single CA. You can pin multiple CAs. Using DNS and DNSSEC for this purpose is described in http://tools.ietf.org/html/rfc6698. However, to my knowledge no mainstream browser presently accepts DANE/TLSA authentication for reasons already described upthread. -Ekr _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform