- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Mon, 07 Dec 2015 11:04:25 +0000
- To: Cory Benfield <cory@lukasa.co.uk>
- cc: Maxthon Chan <xcvista@me.com>, Jacob Appelbaum <jacob@appelbaum.net>, Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org
-------- In message <C83FFB64-757E-4150-940C-829C9974E359@lukasa.co.uk>, Cory Benfield writes: >The attack to worry about is: what if the attacker replaces the body *in its > entirety*, headers and all? How do we protect against that? As in you get a bogus body and there is no signature ? I think I'd lock that down with DNSSEC/DANE providing the information that all HTTP under this domain must be signed with a particuar cert. For real-time streaming traffic, it would be necessary with some sort of "Transfer-Encoding: signed-chunks" An escape-hatch, a signature which says "this object has other integrity-checks" could be used for things like streaming video, where integrity is built into the data already. As for the CA thing: My distrust is with the content of the default root-cert lists shipped, not with the protocol mechanisms. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Monday, 7 December 2015 11:04:52 UTC