Re: [w3ctag/design-reviews] Signed Exchanges (#235)

My primary concerns relate to increasing the trust relationship between the exchange signing certificate and the origin (beyond the PKI trust of the exchange signing certificate).

In particular:
1) Is there (or should there be) an expectation (or restriction) that the same CA used to sign the origin's TLS certificate has signed the exchange signing certificate?
2) Are the origin's CAA DNS records respected for issuing exchange signing certificates (or should there be a different CAA record type for exchange signing certificates)?
3) If the client has previously visited the origin, can they then use some cached information to cross-check the signed exchange, for example a Public-Key-Pin or TLSA record (or possibly a different mechanism to pin signed exchange keys)?
4) Is there an expectation that static key pins will apply to signed exchanges?


-- 
https://github.com/w3ctag/design-reviews/issues/235#issuecomment-379424835

Received on Saturday, 7 April 2018 02:08:36 UTC