On Mon, Feb 16, 2015 at 3:34 AM, Anne van Kesteren <ann...@annevk.nl> wrote:
> On Sun, Feb 15, 2015 at 10:59 PM, Jeffrey Walton <noloa...@gmail.com> wrote:
>> For the first point, Pinning with Overrides
>> (tools.ietf.org/html/draft-ietf-websec-key-pinning) is a perfect
>> example of the wrong security model. The organizations I work with did
>> not drink the Web 2.0 Kool-Aid; it's not acceptable to them that an
>> adversary can so easily break the secure channel.
>
> What would you suggest instead?
Sorry to dig up an old thread. Here's yet another failure that Public Key Pinning should have stopped, but the browser's rendition of HPKP could not stop because of the broken security model:

http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/

Jeff