On 12/02/2016 12:47 AM, Terje Elde wrote:
On 30 Nov 2016, at 22:51, Gunnar Haslinger <[email protected]> wrote:
when pinning your certificates you can include one whose
coresponding key is not on the machine but acts as the backup key, maybe
even offline.
Not "can", its not an option it is mandatory!
The browsers will NOT accept HPKP pinning if you don't add an currently unused
backup key.
Just a quick reminder:
It can be a backup key that you have, but it can also be that of another CA.
Or completely random. Bad idea, but the browsers would accept it.
Oh and for what it is worth, if you don't trust the CAs (I don't) then
it seems counter-productive to add a fingerprint from a CA that would
allow the CA to easily issue certificates that would then validate.
But you can also do something insecure like that with DANE, the TLSA
record can be for a certificate authority.
That may be useful for a private corporate certificate authority used on
a corporate network, but whether DANE or HPKP it is a bad idea to do it
with a public certificate authority.
_______________________________________________
Ach mailing list
[email protected]
http://lists.cert.at/cgi-bin/mailman/listinfo/ach
