> On 22 Aug 2021, at 10:37, Chris Angelico <ros...@gmail.com> wrote:
> 
> When it comes to security, one thing I'm very curious about is why we
> don't have any sort of certificate renewal verification. My browser
> could retain the certificates of some web site (or of all web sites,
> even - they're not THAT large), and if the site presents a different
> cert, it could show the previously retained one and challenge the
> server "prove that you're the same guy". This proof would consist of
> the latest cert, signed by the older cert's key (or possibly a chain
> that can construct such a proof, which would allow the server to
> simply retain each new cert signed by the one previous cert, forming a
> line - or a tree if necessary). My suspicion is that it'd add little
> above simply having a valid cert, but if people are paranoid, surely
> that's a better place to look?

The web site proves it owns the hostname and/or IP address using its
certificate.
You use your trust store to show that you can trust that certificate.

The fact that a certificate changes is not a reason to stop trusting a site.

So it does not add anything.

The pain point in PKI is revocation. The gold standard is for a web site to use
OCSP stapling.
But that is rare sadly. And because of issues with revocation lists (privacy,
latency, need to fail open on failure, DoS vector, etc.) this is where the
paranoid should look.

Barry

-- 
https://mail.python.org/mailman/listinfo/python-list
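
As an added example (not part of either poster's message): one way to check whether a server staples an OCSP response is to classify the text that `openssl s_client -status` prints. The sample strings below are constructed to resemble that output, and `classify_staple` is a hypothetical helper name.

```python
import re
from datetime import datetime, timezone

# Constructed samples shaped like `openssl s_client -status` output (not real captures).
STAPLED = """\
OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Responses:
    Cert Status: good
    This Update: Aug 21 09:00:00 2021 GMT
    Next Update: Aug 28 09:00:00 2021 GMT
"""
NOT_STAPLED = "CONNECTED(00000003)\nOCSP response: no response sent\n"


def classify_staple(text, now):
    """Return 'missing', 'revoked', 'stale', 'good' or 'unknown' for s_client text."""
    if "OCSP response: no response sent" in text:
        return "missing"  # server did not staple; client falls back to its own policy
    if not re.search(r"OCSP Response Status: successful", text):
        return "unknown"  # no response block, or the responder reported an error
    status = re.search(r"Cert Status: (\w+)", text)
    if status is None:
        return "unknown"
    if status.group(1) == "revoked":
        return "revoked"
    if status.group(1) != "good":
        return "unknown"
    # A stapled response is only useful while it is fresh: compare Next Update to now.
    nxt = re.search(r"Next Update: (.+?) GMT", text)
    if nxt:
        expires = datetime.strptime(nxt.group(1).strip(), "%b %d %H:%M:%S %Y")
        if now > expires.replace(tzinfo=timezone.utc):
            return "stale"
    return "good"


if __name__ == "__main__":
    when = datetime(2021, 8, 22, 10, 37, tzinfo=timezone.utc)
    for name, sample in (("stapled", STAPLED), ("not stapled", NOT_STAPLED)):
        print(name, "->", classify_staple(sample, when))
```

To run it against a live server, feed it the captured output of `openssl s_client -connect HOST:443 -status` in place of the constructed samples.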
