Re: Comments about draft-ietf-httpbis-http2-16 : Connection reuse

On Fri, Jan 02, 2015 at 03:25:42PM +0100, Aeris wrote:
> > I'm happy to work with you in the mozilla bug tracker or network mailing
> > lists to close the gap in the best way for your extension.
> 
> With TLSA or PKP or anything, the fix is very easy: just don’t reuse the
> connection :P Because it’s slower / requires a new channel.
> 
> - Verifying for TLSA needs DNSSEC validation of the TLSA DNS entry and of the real
> certificate if such an entry exists. If you have already done all those checks, you
> *already* need a new channel open to fetch the certificate.

Err, why isn't just validating the current certificate against fetched TLSA
records and then opening a new channel if that fails (DNS caches should be hot)
sufficient?

> - Verifying for PKP needs the real content. Same here: a new channel is needed too if
> there is any PKP header, to fetch the real certificate. And using the first channel to
> check for the PKP header is possibly insecure if PKP exists and doesn’t match the cert.
> - Verifying for key pinning is not possible without the real cert. A new channel is
> needed too.

HPKP is nastier, especially in the non-pinned case.


Another interaction between connection reuse and HPKP: potentially having to
deal with a server trying to pin the reused connections (foo.example pinning
bar.example, when foo.example and bar.example share a connection).


-Ilari
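The check Ilari describes above (validate the existing connection's certificate against the other origin's TLSA records, and open a new channel only when that fails), as an added example that is not part of the thread: it does the RFC 6698 selector and matching-type comparison against the end-entity certificate, with a minimal DER walker to pull out the SubjectPublicKeyInfo. It assumes DNSSEC validation of the records already happened, and the certificate it runs on is a constructed stub, not a real one.

```python
import hashlib
# Added example, not from the thread: check an already-open connection's
# end-entity certificate against another origin's TLSA records (RFC 6698
# usage/selector/matching type) before reusing the connection for that origin.
def der_read(buf, pos=0):
    """Decode one DER TLV at pos; return (tag, value, end_offset)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def der_children(value):
    """Raw child TLVs (tag and length included) of a SEQUENCE body."""
    out, pos = [], 0
    while pos < len(value):
        end = der_read(value, pos)[2]
        out.append(value[pos:end]); pos = end
    return out

def spki_from_cert(cert_der):
    """SubjectPublicKeyInfo TLV: 6th tbsCertificate field after the optional [0] version."""
    tbs = der_children(der_read(cert_der)[1])[0]
    fields = der_children(der_read(tbs)[1])
    if fields[0][0] == 0xA0:                # explicit [0] version tag present
        fields = fields[1:]
    return fields[5]

def tlsa_matches(cert_der, usage, selector, mtype, data):
    """True/False when decidable against the end-entity cert; None for usages
    0 and 2, which constrain a CA in the chain and are not checked here."""
    if usage not in (1, 3):
        return None
    subject = cert_der if selector == 0 else spki_from_cert(cert_der)
    digest = {0: lambda b: b, 1: lambda b: hashlib.sha256(b).digest(),
              2: lambda b: hashlib.sha512(b).digest()}.get(mtype)
    return digest is not None and digest(subject) == data

def can_reuse(cert_der, tlsa_records):
    """Reuse only if some record provably matches; otherwise open a fresh channel."""
    return any(tlsa_matches(cert_der, *r) is True for r in tlsa_records)
def tlv(tag, body):                         # short-form lengths suffice for the stub
    return bytes([tag, len(body)]) + body
# Constructed stub certificate: correct X.509 nesting, placeholder contents.
SAMPLE_SPKI = tlv(0x30, tlv(0x30, tlv(0x06, b"\x2a\x86\x48\xce\x3d\x02\x01"))
                  + tlv(0x03, b"\x00" + b"\x04" * 33))
_tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01")
           + tlv(0x30, b"") * 4 + SAMPLE_SPKI)
SAMPLE_CERT = tlv(0x30, _tbs + tlv(0x30, b"") + tlv(0x03, b"\x00"))
SAMPLE_TLSA = (3, 1, 1, hashlib.sha256(SAMPLE_SPKI).digest())  # DANE-EE, SPKI, SHA-256
```

A record the end-entity certificate cannot decide on its own (usage 0 or 2) yields None, which `can_reuse` treats the same as a mismatch, so the conservative outcome is always a new connection.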

Received on Friday, 2 January 2015 15:00:54 UTC