[Ach] bettercrypto.org cert blocked in chrome 56
Terje Elde
terje at elde.net
Wed Nov 30 13:47:37 CET 2016
> On 30 Nov 2016, at 00:33, Alexander Wuerstlein <arw at cs.fau.de> wrote:
>
> Whereas HPKP has the nice new attack surface of "now I've -unbeknownst
> to you- got access and secretly fed your users my key. Now I've deleted
> it form the box. Pay me or kill your domain".
Interestingly, that attack-vector is there even if you don’t configure HPKP yourself, if you’re compromised to that degree. The argument can also be flipped as a pro-HPKP argument as well;
One could easily argue that using HPKP reduces the risk that someone with a rouge certificate for your site successfully serves up a HPKP pin of their own.
Keep in mind that having a rouge certificate out there doesn’t mean a CA has to be compromised for example. It could be something as simple as a previous domain owner having bought a 10 year SSL-certificate for the site you now own, or having previously used a shared SSL-infrastructure that later become compromised. Or a disgruntled employee that took off with the keys, a partnership that went bad and there’s a disagreement about owership of the domain, and so on and so forth. Or a MitM-proxy, fooling users with a fake or company-enforced root CA. For all those cases, using HPKP could both help you retain control of the domain and it’s traffic, and also help you avoid your adversary pinning his/her keys instead of yours.
Don’t get me wrong, it’s an interesting point, and quite valid in a general discussion about HPKP. I’m just not sure if it’s a very good argument against using HPKP in the context of a practical/applied guide.
Terje
More information about the Ach
mailing list