Re: TLS Renegotiation and HTTP/2 (#363)

On Tue, Apr 01, 2014 at 03:26:17PM +0300, Yoav Nir wrote:
> Yoav
> 
> On Apr 1, 2014, at 3:21 PM, Ilari Liusvaara <ilari.liusvaara@elisanet.fi> wrote:
> >
> > That looks to be vulernable to forwarding and MITM attacks...
> > 
> Sure, but not more so than regular server-authenticated HTTPS.
> 
> We can get all fancy and tie it to extractors or channel bindings. The question is whether we want just mutual authentication or whether we want to foil MitM attacks and proxies while we’re at it.
> 
> Foiling MitM has the downside (or upside) of making this not work from behind next generation firewalls.
 
Suppose that user visits a maliscous site. What is to prevent
that site from contacting target site and forwarding
authentication exchange across (with who knows what other
headers and payload)?


-Ilari

Received on Tuesday, 1 April 2014 12:39:31 UTC