Now that HPKP is removed, browsers should do what they should have done from the beginning by supporting DNSSEC and DANE as a pinning mechanism. No need to support using it as an alternate root of trust. For compatibility, it can be limited to when DoT or DoH are being used by default.
Please don't let them impose inane policies on what sort of DANE records are acceptable for web. Anything should be accepted and completely override webpki if DANE semantics say it does (DANE-EE(3) or -TA(2) vs PKIX-*(0 or 1)).
No. DANE-TA and DANE-EE allow TLD operators (and thus anyone who can force them through shady court orders) to completely circumvent TLS without even leaving a trace. PKIX-TA and PKIX-EE would at least force them to leave a trace within the certificate transparency logs.
This threat is overstated to the point of being standard anti-DNSSEC FUD, but indeed we do need a DNSSEC analogue of CT. Unlike with webpki CT, it doesn't require trusting CAs to adhere to policy to create such a thing; it can be constructed from observation.
Chromium enforces CT via signed timestamps from the logs. It will be fully enforced once the lifetimes of certificates predating the CT requirement have run out. It can currently be bypassed by backdating a certificate because not enough time has passed and the 1 year max lifetime is new.
A certificate needs to have 2+ SCTs from trusted logs to be considered valid unless it predates the requirement. I think it's only about 6 more months (can't recall) until the date when CT can be enforced for all certificates.
The CA has to log a precertificate and receive SCTs to include in the actual certificate. You can see this in the logs, using the grapheneos.network certificate as an example.
Precertificate:
crt.sh/?id=3812599153
Actual certificate with SCTs:
crt.sh/?id=3812603007
Chromium requires 1 SCT from a Google log and 1 SCT from a non-Google log. Other browsers haven't tried to implement stricter rules and either don't enforce it or use a more lax requirement. They could push for making it so that more diversity of SCTs is required though.
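An added example, not code from anyone in the thread, covering the two mechanics the last posts describe: parsing the SCT list that the CA embeds in the final certificate (the RFC 6962 extension, as opposed to the poison extension that marks the precertificate) and applying the Chromium rule as stated above (2+ SCTs from trusted logs, at least one Google and one non-Google log, certificates issued before the enforcement date exempt). The log IDs, operator mapping, signatures and enforcement date are constructed placeholders, and the not-before exemption is exactly the gap the thread says a backdated certificate falls into.

```python
import struct
from datetime import datetime, timezone

# Constructed log IDs for this example. Real log IDs are the SHA-256 of the
# log's public key; these placeholders do not correspond to any real CT log.
LOG_OPERATORS = {b"\x01" * 32: "Google", b"\x02" * 32: "Google",
                 b"\x03" * 32: "OtherOperator"}

# Extension OIDs from RFC 6962: SCT list in a final cert, poison in a precert.
SCT_LIST_OID = "1.3.6.1.4.1.11129.2.4.2"
PRECERT_POISON_OID = "1.3.6.1.4.1.11129.2.4.3"

def encode_sct(log_id: bytes, ts_ms: int, sig: bytes = b"\x00" * 4) -> bytes:
    """Serialize one RFC 6962 v1 SCT (constructed; the signature is a dummy)."""
    body = b"\x00" + log_id + struct.pack(">Q", ts_ms) + struct.pack(">H", 0)
    body += b"\x04\x03" + struct.pack(">H", len(sig)) + sig  # sha256 / ecdsa
    return struct.pack(">H", len(body)) + body

def encode_sct_list(scts: list) -> bytes:
    joined = b"".join(scts)
    return struct.pack(">H", len(joined)) + joined

def parse_sct_list(blob: bytes) -> list:
    """Parse a SignedCertificateTimestampList (the value of the SCT_LIST_OID
    extension) into dicts with version, log_id, timestamp and signature."""
    (total,) = struct.unpack(">H", blob[:2])
    pos, end, out = 2, 2 + total, []
    while pos < end:
        (n,) = struct.unpack(">H", blob[pos:pos + 2])
        sct, pos = blob[pos + 2:pos + 2 + n], pos + 2 + n
        (ts_ms,) = struct.unpack(">Q", sct[33:41])
        (ext_len,) = struct.unpack(">H", sct[41:43])
        sig_at = 43 + ext_len + 2          # skip hash and signature algorithm
        (sig_len,) = struct.unpack(">H", sct[sig_at:sig_at + 2])
        out.append({"version": sct[0], "log_id": sct[1:33],
                    "timestamp": datetime.fromtimestamp(ts_ms / 1000, timezone.utc),
                    "signature": sct[sig_at + 2:sig_at + 2 + sig_len]})
    return out

def meets_ct_policy(scts: list, not_before: datetime, enforcement_date: datetime) -> bool:
    """Rule as stated in the thread: certificates issued before the enforcement
    date are exempt; newer ones need 2+ SCTs from trusted logs, including at
    least one Google-operated and one non-Google-operated log."""
    if not_before < enforcement_date:      # the backdating loophole lives here
        return True
    trusted = [s for s in scts if s["log_id"] in LOG_OPERATORS]
    operators = {LOG_OPERATORS[s["log_id"]] for s in trusted}
    return len(trusted) >= 2 and "Google" in operators and len(operators) >= 2
```

Signature verification against each log's public key is deliberately out of scope here; a browser does that before counting an SCT at all.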