I can't believe anyone actually worries about captive portals, but there are lots of things I don't understand so....
Snark aside, there is a flaw in the reasoning that Adam (imperialviolet.org) and the rest of the good folks at Google have put forth regarding OCSP. The logic boils down to a perfect scenario in which OCSP fails perfectly, with the conclusion being that OCSP request/response isn't very good and only OCSP stapling makes sense to pursue. That argument may hold for certain MITM cases, but we have to look beyond MITM.

The much bigger problem Internet security faces is the pwnage of your device and the theft of your personal information, your friends' information, your credit card numbers, and the money sitting in your bank account. Or maybe I just want to use your webcam? That, to say nothing of your employer's information. Why waste my time trying to launch an MITM something-or-other when instead I might trick you into installing my latest malware package? If that gets me access to the credit card processing system.... Whatever the case may be, the attack is made easier if I can pretend to be a site that you're likely to trust, and if I have an SSL certificate you'll probably trust it that much more. And if the cert chain goes with a private key that someone extracted using Heartbleed, so what? Who's going to stop me?

The problem we need to solve is how to keep criminals, thieves, and governments from using other people's keys and cert chains for nefarious purposes. OCSP stapling won't do it. CRLs are ancient history. Convergence and other schemes are years away from being realized. Like it or not, OCSP responders are the only viable option at this point.

Getting back to Phillip's original question: do we need to turn on hard-fail? The short answer is yes. The long answer is we need to move in that direction now so that turning it on won't break the Internet any more than it already is.

Original Message
From: Peter Eckersley
Sent: Monday, April 21, 2014 6:06 PM
To: Phillip Hallam-Baker
Cc: [email protected]
Subject: Re: Turn on hardfail?

That would have the {justifiable,entertaining,controversial} result of causing any captive portal that uses HTTPS in captivity to fail. Sounds like an interesting proposal if you can persuade all the browsers to do it simultaneously, but if Mozilla does it in isolation, it would unfortunately just drive users to other browsers.

On 21 April 2014 10:12, Phillip Hallam-Baker <[email protected]> wrote:
> Given the current Heartbleed situation, wouldn't it be appropriate to
> turn on hard fail for revocation checking so that unknown status
> results in the cert being rejected?
>
> I am seeing people suggest that a CA be dropped from the root for
> their alleged improper handling of revocation. If revocation matters
> so much that it must be enforced on CAs then it matters enough to turn
> on hardfail for a major server coding error.

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

