RE: Fwd: New Version Notification for draft-nottingham-http2-encryption-02.txt

-----Original Message-----
From: Yoav Nir [mailto:synp71@live.com] 
Sent: Sunday, December 15, 2013 3:53 AM
To: ietf-http-wg@w3.org
Subject: Re: Fwd: New Version Notification for draft-nottingham-http2-encryption-02.txt

On 15/12/13 9:16 AM, Christian Huitema wrote:
>> What that leaves unclear for me is how the current 30-40% of web
>> sites that are setup for some form of TLS will suddenly become
>> 99%. Without some other action on helping sites get certs, it
>> just won't happen would be my prediction.
> Either helping sites get certs, or adding support for self-signed certs. Maybe combine self-signed certs and pinning. Maybe use a naming convention, something like "www-selfsigned.example.com." Or maybe www-07FDAE37.example.com, where 07FDAE37 is some identifier of the self-signed cert. If the browsers knew to expect a self-signed cert, they would not have to put up the scary UI when they find one...
>
>
No scary UI means that a MitM or someone who has compromised the DNS can 
hijack your connection, show a self-signed cert, and get no indication 
to the user that something is wrong.  So (let's use hotmail, because not 
all examples have to be gmail):

http://hotmail.com  redirects to https://selfsigned.live.com  which has 
a self-signed certificate, and everything looks fine.  Except it's an 
attacker.

They can mitigate this by adding HSTS, or better yet, HPKP. But that is 
forcing the website to do work just to regain the scary UI.

Making pinning a requirement for using self-signed certificates seems 
backwards, as pinning is dangerous stuff (see all the warnings in the 
draft) that can easily brick your website. I don't think it's suitable 
for the 60-70% who can't or won't get a proper certificate. If you can't 
afford a $10 DV certificate, you can't afford the IT staff to do HPKP 
safely.

Yoav

Received on Monday, 16 December 2013 00:31:35 UTC