Just thinking out loud here.

On 09/13/2011 01:41 PM, Yoav Nir wrote:

> Locking yourself into a CA like that seems like a bad idea. Unlike
> the Dutch government and Mozilla, most customers do not have the pull
> to force CAs to submit to audits.

Or not having the pull, like the Dutch government, to convince Mozilla to hesitate for a few days before revoking your pwned CA.

> Six months ago we would not have thought that Comodo or DigiNotar
> were easy to hack. In the latter case, the customers of DigiNotar
> were left out in the cold. Without certificate pinning, they just
> need to spend money on a new certificate and their site is working
> again. With it, they are in trouble.

When would locking yourself into a keypair be any more sensible?

PKI has a long history of uncounted thousands of revoked certs, most probably for mundane reasons. But a large number of critical cases are certainly due to the web server and private key getting pwned (like senate.gov).

What if an attacker pwned your web server and configured it to broadcast HSTS for a few days, pinning you to the keypair of which they now know the private key?

What if they maliciously pinned you to a floundering CA?

Google is one thing, they have their own CA and even their own web browser.

Q: What kind of pinning would we recommend to our friend or family member who runs his business on the web?
Right now he has his domain registration and cert from GoDaddy.

- Marsh
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
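The lockout Marsh asks about, modelled as a small client-side pin store. This is an added example, not code from the websec thread, from any draft, or from any browser: the PinStore class, its rule that a pin header is only honoured on a connection that itself passed the pin check, the optional client-side cap on advertised lifetimes, the host name, the key strings and the 3/30/60/365-day figures are all constructed for the illustration. Pins here are SHA-256 digests of stand-in key bytes; a real client would hash the DER-encoded SubjectPublicKeyInfo of a certificate in the validated chain.

```python
"""Simulated public-key-pin cache (constructed example, not from the thread).

Shows what happens when an attacker who already holds the site's private key
pins clients to it: the owner's fresh key is refused until the pin expires,
and because the failing connection never gets far enough to read a header,
the owner cannot undo the pin from the server side.
"""
import hashlib

DAY = 86400


def fingerprint(public_key: bytes) -> str:
    """Stand-in for the SPKI hash a real pin would carry."""
    return hashlib.sha256(public_key).hexdigest()


class PinStore:
    """Client-side pin cache: host -> (accepted fingerprints, expiry)."""

    def __init__(self, max_age_cap=None):
        # Optional client-imposed ceiling (seconds) on advertised lifetimes.
        self.max_age_cap = max_age_cap
        self._pins = {}

    def check(self, host, presented_key, now):
        """True if the connection may proceed. Pins bind only while unexpired;
        with no pin on file the client falls back to ordinary CA validation."""
        entry = self._pins.get(host)
        if entry is None:
            return True
        pins, expiry = entry
        if now >= expiry:
            del self._pins[host]
            return True
        return fingerprint(presented_key) in pins

    def observe(self, host, presented_key, advertised_pins, max_age, now):
        """Record pins advertised on a connection. Two assumed rules drive the
        lockout: the header counts only if the connection passed check(), and
        the presented key must be in the set, so a server can pin clients only
        to a key it actually holds."""
        if not self.check(host, presented_key, now):
            return False
        if fingerprint(presented_key) not in advertised_pins:
            return False
        if self.max_age_cap is not None:
            max_age = min(max_age, self.max_age_cap)
        self._pins[host] = (set(advertised_pins), now + max_age)
        return True


def lockout_scenario(client_cap_days=None, attacker_max_age_days=365):
    """Attacker holding the stolen key pins clients to it; the owner later
    rotates. Returns the first day after compromise on which a client that
    saw the malicious pin accepts the rotated key."""
    host = "example.com"                # constructed
    stolen_key = b"site-key-2011"       # key the attacker exfiltrated
    attacker_backup = b"attacker-key"   # attacker-controlled second pin
    rotated_key = b"site-key-rotated"   # owner's replacement after cleanup

    cap = None if client_cap_days is None else client_cap_days * DAY
    client = PinStore(max_age_cap=cap)

    # Day 0: attacker-controlled server serves the stolen key with a long pin.
    assert client.observe(host, stolen_key,
                          {fingerprint(stolen_key), fingerprint(attacker_backup)},
                          attacker_max_age_days * DAY, now=0)

    # Day 3: owner regains control, revokes the stolen key, deploys a new one.
    # The client refuses it, and a header sent with it is never processed.
    assert not client.check(host, rotated_key, now=3 * DAY)
    assert not client.observe(host, rotated_key, {fingerprint(rotated_key)},
                              30 * DAY, now=3 * DAY)

    day = 3
    while not client.check(host, rotated_key, now=day * DAY):
        day += 1
    return day


def attacker_cannot_pin_unheld_key():
    """An attacker who can only inject a header, without the private key,
    cannot pin clients to a key the connection did not present."""
    client = PinStore()
    return client.observe("example.com", b"site-key-2011",
                          {fingerprint(b"attacker-key")}, 30 * DAY, now=0)


if __name__ == "__main__":
    print("locked out until day", lockout_scenario(client_cap_days=60))
    print("locked out until day", lockout_scenario())
    print("header-only attacker pins client:", attacker_cannot_pin_unheld_key())
```

The two knobs that bound the damage are visible in the scenario: the attacker chooses the advertised lifetime, and only a client-side cap on that lifetime shortens the lockout (60 days instead of 365 with the figures above). The mutual-exclusion case, a pin to a key the server does not present, is refused by construction, which is why a header-injecting attacker is less dangerous than one who has the private key.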