On Thu, Aug 23, 2012 at 12:08 PM, Ted Unangst <t...@tedunangst.com> wrote:
> people designing the protocol never got that far.
>
> Anyway the workaround du jour is certificate pinning.  Your browser is
> supposed to remember the cert used for the previous connection and
> warn if it changes, which reduces the window of opportunity.
>

And a poor workaround at that. The only browser this works well in is
Chrome, and only with Google properties. In Firefox, the Certificate
Patrol add-on is bothersome to the user as it constantly asks
permission, to the point of crying wolf. Large organizations with
multiple certificates for the same site, such as Google and Microsoft,
are not understood by this add-on.

Firefox 17 is working towards a native certificate pinning feature. I
hope the release of that feature works well and spurs other browser
vendors to follow suit.

One thing I've never understood is that if you're MITM'd, what good is
a cert revocation going to do? The proxying individual can easily
block access to the revocation lists, and your browser be none the
wiser.

'DNS-based Authentication of Named Entities', in my opinion, is a more
promising system than certificate pinning, as it allows web site
operators to publish certificates (or hashes of them) in DNS. However,
this would require DNSSEC to be secure (which itself seems to be mired
in controversy lately, not to mention the slow rate of adoption), and
the project at IETF appears to be mostly dead:
https://datatracker.ietf.org/wg/dane/charter/
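
The DNS-published hash check mentioned in the message above, as an added example that is not part of the original e-mail: it matches a served certificate against TLSA records in the RFC 6698 presentation format, and accepts several records per name so a site with more than one certificate does not raise false alarms. The byte strings and names are constructed placeholders, and the records are assumed to have been DNSSEC-validated already.

```python
import hashlib
import hmac

# TLSA matching types (RFC 6698): how the published data is derived.
MATCHERS = {
    0: lambda data: data,                            # exact bytes
    1: lambda data: hashlib.sha256(data).digest(),
    2: lambda data: hashlib.sha512(data).digest(),
}

def parse_tlsa(rdata):
    """Parse presentation-format RDATA: 'usage selector matching-type hex'."""
    usage, selector, mtype, *hex_parts = rdata.split()
    return int(usage), int(selector), int(mtype), bytes.fromhex("".join(hex_parts))

def cert_matches_tlsa(rdatas, cert_der, spki_der):
    """True if the served end-entity certificate matches any TLSA record.

    Assumes the records were already DNSSEC-validated by the resolver and
    that the caller extracted spki_der (SubjectPublicKeyInfo) from the cert.
    """
    for rdata in rdatas:
        try:
            usage, selector, mtype, published = parse_tlsa(rdata)
        except ValueError:
            continue  # malformed record: never treat as a match
        if usage not in (1, 3):
            continue  # usages 0 and 2 name a CA or trust anchor, not the served cert
        selected = {0: cert_der, 1: spki_der}.get(selector)
        matcher = MATCHERS.get(mtype)
        if selected is None or matcher is None:
            continue  # unknown selector or matching type
        if hmac.compare_digest(matcher(selected), published):
            return True
    return False

# Constructed stand-ins for DER bytes; real input comes from the TLS handshake.
CERT_A, SPKI_A = b"constructed-cert-A", b"constructed-spki-A"
CERT_B, SPKI_B = b"constructed-cert-B", b"constructed-spki-B"
CERT_X, SPKI_X = b"constructed-interceptor-cert", b"constructed-interceptor-spki"

# One name, two legitimate certificates: publish one record per certificate.
RECORDS = [
    "3 0 1 " + hashlib.sha256(CERT_A).hexdigest(),
    "3 1 1 " + hashlib.sha256(SPKI_B).hexdigest(),
]

if __name__ == "__main__":
    for name, cert, spki in [("A", CERT_A, SPKI_A), ("B", CERT_B, SPKI_B), ("X", CERT_X, SPKI_X)]:
        print(name, cert_matches_tlsa(RECORDS, cert, spki))
```

The check covers only the certificate association; DNSSEC validation and, for usage 1, the normal PKIX chain validation still have to happen elsewhere.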
