On Fri, Sep 19, 2014 at 4:52 AM, Anne van Kesteren <[email protected]> wrote:
>> Please keep in mind that the origin is the security boundary on the
>> web, and is defined as being (scheme, host, port).
>
> And optional additional data:
> https://html.spec.whatwg.org/multipage/browsers.html#origin

I haven't seen any origin checks lately that use any optional additional data.

>> Assuming we don't expand the definition of the origin, unless we
>> implement mixed-everything blocking — mixed EV & non-EV, mixed TLS 1.2
>> & 1.1, mixed AES-128 & AES-256, mixed pinned keys & non-pinned, et c.
>> — then I don't think we should make any increased promise to the user.
>> After all, the promise wouldn't be true.
>
> I'm not sure I follow. If there's mixed content you no longer get a
> lock at all in Firefox. Obviously we should not revert that.

My point is that UI indicators should reflect the reality of actual technical security boundaries. Unless we actually create a boundary, we shouldn't show that we have. And yet, a hypothetical boundary between TLS 1.1 and TLS 1.2 would almost certainly not fly, for compatibility reasons (as much as we all might like to have such a boundary).

>> The hair I'd much rather split, by the way, is making each
>> cryptographic identity a separate origin. Ponder for a moment how
>> enjoyably impossible that will be...
>
> What are the issues?

* What's a stable cryptographic identity in the web PKI? Is it the public key in the end-entity certificate, or the public key in any of the issuing certificates?
* Or maybe the union of all keys?
* Or maybe the presence of any 1 key in the set?
* What about the sometimes weird and hard-to-predict certificate path-building behavior across platforms?
* What about key rotation that happens legitimately?
* Do we convince CAs to issue name-constrained issuing certificates to each site operator (with the constrained name being the origin's exact hostname), that cert's key becomes the origin's key, and site operators issue end entities from that?
** There'd still be a need to re-issue that key, from time to time.
* Do we use the web PKI to establish a distinct origin key?
** Could the TACK key be the origin key?

> (There's also an idea floating around about checking certificates
> first when doing a same-origin check, potentially allowing distinct
> origins that share a certificate through alternate names, to be
> same-origin. However, with CORS it might not really be needed
> anymore.)

That's terrifying. :)
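The (scheme, host, port) comparison the message refers to, written out as an added Python example that is not part of the original thread. It makes the point concrete: only those three fields are compared, so TLS version, cipher suite and certificate identity never enter the check. The DEFAULT_PORTS table and the function names are my own.

```python
from urllib.parse import urlsplit

# Default ports per scheme, so that "https://example.com:443" and
# "https://example.com" normalise to the same tuple.
DEFAULT_PORTS = {"http": 80, "https": 443, "ws": 80, "wss": 443}


def origin_of(url: str):
    """Return the (scheme, host, port) origin tuple of a URL.

    Returns None for schemes that get an opaque origin (data:, file:, ...),
    since an opaque origin has no tuple to compare against.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        return None
    # urlsplit already lower-cases the hostname; an explicit port wins,
    # otherwise the scheme's default applies.
    host = parts.hostname or ""
    port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
    return (scheme, host, port)


def same_origin(a: str, b: str) -> bool:
    """Same-origin check exactly as the tuple definition prescribes."""
    oa, ob = origin_of(a), origin_of(b)
    # An opaque origin is same-origin with nothing, not even itself.
    if oa is None or ob is None:
        return False
    return oa == ob


if __name__ == "__main__":
    # Constructed sample URLs to show which differences matter.
    pairs = [
        ("https://example.com/a", "https://EXAMPLE.com:443/b"),  # same
        ("http://example.com/", "https://example.com/"),         # scheme
        ("https://example.com/", "https://www.example.com/"),    # host
        ("https://example.com/", "https://example.com:8443/"),   # port
        ("data:text/plain,x", "data:text/plain,x"),              # opaque
    ]
    for a, b in pairs:
        print(f"{a!r:40} {b!r:40} -> {same_origin(a, b)}")
```

Note that nothing here can tell a TLS 1.2 page from a TLS 1.1 one, or a pinned key from an unpinned one, which is why a UI promise about those properties has no origin boundary behind it.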

