Re: Adam Roach's No Objection on draft-ietf-httpbis-origin-frame-04: (with COMMENT)

> I've always viewed DNS + TLS as kind of a belt-and-suspenders kind of
> thing, where one needs to mount two (usually unrelated) exploits to
> successfully hijack an origin. I'm uncomfortable with backing down from
> that, but this might just be due to a misperception on my part: is CT
> deployed broadly enough that it provides a viable backstop against such
> attacks? (On a quick glance, I believe that zero of the ten defects I cited
> in my earlier message would have been thwarted by OCSP).
> /a

The tradeoffs here are well tread ground by the working group.

Chrome will be requiring CT participation for all new publicly trusted
certificates issued after April 2018. Being in a public log is currently
very common because of this and of course an ORIGIN implementation is free
to ignore ORIGIN where it doesn't feel there are sufficient suspenders in

Received on Wednesday, 10 January 2018 20:26:05 UTC