- From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
- Date: Fri, 2 Jan 2015 17:00:29 +0200
- To: Aeris <aeris@imirhil.fr>
- Cc: Patrick McManus <pmcmanus@mozilla.com>, ietf-http-wg@w3.org, Ryan Hamilton <rch@google.com>
On Fri, Jan 02, 2015 at 03:25:42PM +0100, Aeris wrote: > > I'm happy to work with you in the mozilla bug tracker or network mailing > > lists to close the gap in the best way for your extension. > > With TLSA or PKP or anything, the fix is very easy : just don’t reuse > connection :P Because it’s slower/require new channel. > > - Verifying for TLSA need DNSSec validation of the TLSA DNS entry and the real > certificate if such entry. If you have already do all those check, you > *already* need a new channel open, to fetch the certificate. Err, why isn't just validating the current certificate against fetched TLSA records and then opening a new channel if that fails (DNS caches should be hot) sufficient? > - Verifying for PKP need the real content. Same, need a new channel too if any > PKP header to fetch the real certificate. And using the first channel to check > for PKP header is possibly insecure if PKP exist and don’t match the cert. > - Verifying for key pinning is not possible without real cert. New channel > needed too. HPKP is nastier, especially in the non-pinned case. Another interaction between connection reuse and HPKP: Potentially having to deal with server trying to pin the reused connections (foo.example pinning bar.example, when foo.example and bar.example share a connection). -Ilari
Received on Friday, 2 January 2015 15:00:54 UTC