> primarily a debugging aid for The Alice Foundation and BobCorp to get
> PKP working. ("What all Trents do we need to trust, anyway?")

As a site operator, I'd think of PKP-RO as a debugging aid more along the lines of: "If I turn this thing on, will anything break for anyone?"

If PKP-RO doesn't have the same semantics as PKP, its utility for answering that question declines.

-Eric

-----Original Message-----
From: Chris Palmer
Sent: Tuesday, August 26, 2014 3:51 PM
To: Tom Ritter
Cc: Eric Lawrence ; draft-ietf-websec-key-pinn...@tools.ietf.org ; IETF WebSec WG ; Ryan Sleevi
Subject: Re: [websec] draft-ietf-websec-key-pinning

On Tue, Aug 26, 2014 at 1:33 PM, Tom Ritter <t...@ritter.vg> wrote:

> Well the whole threat model of HPKP (without preloading) is an
> attacker that can MITM some TLS connections, but not all of them,
> right?
>
> """By effectively reducing the number of authorities who can
> authenticate the domain during the lifetime of the pin, pinning may
> reduce the incidence of man-in-the-middle attacks due to compromised
> Certification Authorities."""

The threat model is that The Alice Foundation wants to trust only
Trents 1, 4, and 9, and no other Trents, to vouch for her identity.
That way, if Trent 6 mis-issues for The Alice Foundation, Mallory
cannot make use of the mis-issued certificate in an attack.

But, yes, Mallory can still attack CarolCorp, if CarolCorp does not
use pinning or pins to Trent 6.

> Requiring PKP-RO to be on every load would allow an attacker
> to strip the header on the connections they MITM.

Only if The Alice Foundation did not also use a regular PKP header.

> Letting it be cached
> allows an organization to put a max-age of 45 days on it, without the
> risk of bricking their site if they aren't administratively competent.
>
> Obviously an attacker can also block the reports from being sent, but
> I'm hoping that the clause "In any case of report failure, the UA MAY
> attempt to re-send the report later" will be considered in this case,
> and that UAs will make an attempt at getting potentially blocked
> reports out at a later date.

Yeah, sort of. But don't think of PKP-RO as a defense against attacks,
even if it might sometimes have that secondary benefit. It is
primarily a debugging aid for The Alice Foundation and BobCorp to get
PKP working. ("What all Trents do we need to trust, anyway?")
_______________________________________________
websec mailing list
websec@ietf.org
https://www.ietf.org/mailman/listinfo/websec
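The thread turns on two points: the pin-matching rule that PKP and PKP-RO share (Eric's "same semantics" concern) and the Trent 1/4/9 versus Trent 6 threat model Chris describes. The following Python is an added illustration, not code from the thread, the draft, or any browser; it parses a Public-Key-Pins style header, computes RFC 7469 pins as base64(SHA-256(SPKI DER)), and runs one evaluation routine in both enforcing and report-only mode so the only difference between the two is whether a mismatch fails the connection or only produces a report. The SPKI byte strings, the hostname `alice.example`, and the report URI are constructed placeholders; whether a UA caches a PKP-RO policy for its max-age (the open question in the thread) is deliberately not decided here, the max-age is only parsed.

```python
import base64
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional


def spki_pin(spki_der: bytes) -> str:
    """RFC 7469 pin value: base64 of SHA-256 over the DER SubjectPublicKeyInfo."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


@dataclass
class PinPolicy:
    pins: List[str]
    max_age: Optional[int]        # seconds, None if the directive is absent
    report_uri: Optional[str]
    include_subdomains: bool
    report_only: bool             # True for Public-Key-Pins-Report-Only


def parse_pkp_header(value: str, report_only: bool) -> PinPolicy:
    """Parse a PKP or PKP-RO header value; both share one directive grammar."""
    pins: List[str] = []
    max_age = report_uri = None
    include_sub = False
    for directive in value.split(";"):
        directive = directive.strip()
        if not directive:
            continue
        # partition on the first '=' only: base64 pin values end in '=' padding
        name, _, raw = directive.partition("=")
        name, raw = name.strip().lower(), raw.strip().strip('"')
        if name == "pin-sha256":
            pins.append(raw)
        elif name == "max-age":
            max_age = int(raw)
        elif name == "report-uri":
            report_uri = raw
        elif name == "includesubdomains":
            include_sub = True
        # unrecognised directives are ignored, as the draft requires
    return PinPolicy(pins, max_age, report_uri, include_sub, report_only)


def has_backup_pin(policy: PinPolicy, chain_spkis: List[bytes]) -> bool:
    """A policy is only noted if some pin matches the served chain AND some
    pin does not (the backup pin): this guards against pinning to one key."""
    chain_pins = {spki_pin(s) for s in chain_spkis}
    return any(p in chain_pins for p in policy.pins) and \
        any(p not in chain_pins for p in policy.pins)


@dataclass
class PinResult:
    matched: bool
    connection_allowed: bool
    report: Optional[Dict[str, object]]


def evaluate(policy: PinPolicy, chain_spkis: List[bytes], hostname: str) -> PinResult:
    """Shared matching rule: the chain passes if any SPKI in it is pinned.
    PKP fails closed on mismatch; PKP-RO lets the connection proceed. Both
    generate the same (abbreviated) report when a report-uri is configured."""
    chain_pins = [spki_pin(s) for s in chain_spkis]
    if any(p in policy.pins for p in chain_pins):
        return PinResult(True, True, None)
    report = None
    if policy.report_uri:
        report = {
            "hostname": hostname,
            "known-pins": [f'pin-sha256="{p}"' for p in policy.pins],
            "served-certificate-chain": chain_pins,   # real reports carry PEM certs
        }
    return PinResult(False, policy.report_only, report)


# Constructed placeholder SPKIs for the CAs ("Trents") named in the thread.
TRENT = {n: f"constructed-spki-of-trent-{n}".encode() for n in (1, 4, 6, 9)}
LEAF = b"constructed-spki-of-alice-leaf"

# Alice pins Trents 1, 4 and 9 for 45 days, with a constructed report endpoint.
ALICE_HEADER = "; ".join(f'pin-sha256="{spki_pin(TRENT[n])}"' for n in (1, 4, 9)) \
    + '; max-age=3888000; report-uri="https://alice.example/hpkp-report"'


def demo() -> Dict[str, PinResult]:
    enforce = parse_pkp_header(ALICE_HEADER, report_only=False)
    ro = parse_pkp_header(ALICE_HEADER, report_only=True)
    good_chain = [LEAF, TRENT[4]]    # issued by a pinned CA
    bad_chain = [LEAF, TRENT[6]]     # mis-issued by Trent 6, which is not pinned
    return {
        "good_pkp": evaluate(enforce, good_chain, "alice.example"),
        "bad_pkp": evaluate(enforce, bad_chain, "alice.example"),
        "bad_ro": evaluate(ro, bad_chain, "alice.example"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result.matched, result.connection_allowed, result.report is not None)
```

Running `demo()` shows the mis-issued Trent 6 chain failing under PKP and passing under PKP-RO while both produce a report; only `report_only` changes between the two policies, which is the property Eric's "will anything break for anyone?" test relies on.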