On 24/09/11 04:17 AM, Ben Laurie wrote:
On Thu, Sep 22, 2011 at 4:46 PM, Peter Gutmann
<pgut...@cs.auckland.ac.nz> wrote:
Ben Laurie<b...@links.org> writes:
Well, don't tease. How?
The link I've posted before (but didn't want to keep spamming to the list):
http://www.cs.auckland.ac.nz/~pgut001/pubs/pki_risk.pdf
That was a fun read and I mostly agree, but it raises some questions...
a) Key continuity is nice, but ... are you swapping one set of
problems for another? What happens when I lose my key? How do I roll
my key? I just added a second server with a different key, and now a
bunch of users have the "wrong" key - what do I do? How do I deal with
a compromised key?
All this was figured out in the mid 00's in Trustbar. The answer to
those above question is ... wait for it ... CA pinning :)
Yes, we don't mean the limited hack by google, but dynamically pinning
the site with the CA within the client-side level. The client starts
TOFU-style and records the cert, and watches to see how variations
occur. It can analyse and accept variations on various metrics. See
page 25.
E.g., another issue was that accelerator farms tended to use either the
same cert or many certs, operating to a pattern. Solved.
Another issue worth saying over and over again is secure bookmarks,
which Tyler's Petnames demo'd. This coupled the bookmark to the URL to
the cert. Which matches the current online banking advice of using ones
bookmarks to go to ones bank. Pretty sad, really. So few lines, so
many phishes.
iang
PS: Sorry, Peter, I'm just rehashing a lot of the content in the
slides. ...
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography