On Thu, Feb 19, 2015 at 12:15 PM, Anne van Kesteren <ann...@annevk.nl> wrote:
> On Thu, Feb 19, 2015 at 6:10 PM, Jeffrey Walton <noloa...@gmail.com> wrote:
>> On Mon, Feb 16, 2015 at 3:34 AM, Anne van Kesteren <ann...@annevk.nl> wrote:
>>> What would you suggest instead?
>> Sorry to dig up an old thread.
>> Here's yet another failure that Public Key Pinning should have
>> stopped, but the browser's rendition of HPKP could not stop because of
>> the broken security model:
>> http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/.
> That does not really answer my questions though.
Good point.

Stop letting externalities control critical security parameters
unmolested since an externality is not the origin nor the the user.

HPKP has a reporting mode, but a broken pinset is a MUST NOT report.
Broken pinsets should be reported to the user and the origin so the
browser is no longer complicit in covering up for the attacker.


Reply via email to