Conversation

A small human has been consuming all my blogging time lately, but I decided to get back into the game with a post full of terrible ideas for how to abuse Certificate Transparency to re-create public key pinning:
Wondering if browsers could enforce the CAA list if DNS was delivered securely lol. 95% of the benefits with 95% less pain over HPKP. Does not solve "My CA was breached", but helps with other CAs breached/etc.
This is provided by TLSA records, not CAA. TLSA records work well. You can use them to pin the hash of a leaf key, an intermediate key or a root key. You can have multiple valid pins, which allows rotation, etc. You can set the TTL low to minimize disruption from making mistakes.
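An added illustration (not code from anyone in this thread) of how the TLSA pins described above are evaluated against a presented chain: DANE-EE records pin the leaf, DANE-TA records pin an intermediate or root, and listing two DANE-EE pins (current key and next key) is what makes rotation possible. All certificate and SubjectPublicKeyInfo bytes below are constructed placeholders; in practice the SPKI is extracted from the DER certificate with a library such as `cryptography`, which this snippet assumes is done by the caller.

```python
"""Evaluate DANE-TLSA (RFC 6698) pins against a server's certificate chain."""
import hashlib
from typing import List, Tuple

# Certificate usage (RFC 6698 section 2.1.1); 0/1 (PKIX-TA/PKIX-EE) also need PKIX validation
DANE_TA, DANE_EE = 2, 3
FULL_CERT, SPKI = 0, 1           # selector: whole certificate or SubjectPublicKeyInfo
EXACT, SHA256, SHA512 = 0, 1, 2  # matching type

def parse_tlsa(rdata: str) -> Tuple[int, int, int, bytes]:
    """Parse presentation-format RDATA such as '3 1 1 <hex>'."""
    usage, selector, mtype, data = rdata.split(None, 3)
    return int(usage), int(selector), int(mtype), bytes.fromhex(data.replace(" ", ""))

def association_data(cert_der: bytes, spki_der: bytes, selector: int, mtype: int) -> bytes:
    """Derive the bytes a record is compared against for one certificate."""
    subject = cert_der if selector == FULL_CERT else spki_der
    if mtype == EXACT:
        return subject
    if mtype == SHA256:
        return hashlib.sha256(subject).digest()
    if mtype == SHA512:
        return hashlib.sha512(subject).digest()
    raise ValueError(f"unknown matching type {mtype}")

def chain_matches(records: List[str], chain: List[Tuple[bytes, bytes]]) -> bool:
    """chain[0] is the leaf (cert_der, spki_der); later entries are intermediates/roots.
    True if any DANE-EE record matches the leaf or any DANE-TA record matches a CA cert."""
    for rdata in records:
        usage, selector, mtype, assoc = parse_tlsa(rdata)
        if usage == DANE_EE:
            candidates = chain[:1]
        elif usage == DANE_TA:
            candidates = chain[1:]
        else:
            continue  # PKIX-TA/PKIX-EE require a full path-validation step, not modelled here
        if any(association_data(c, s, selector, mtype) == assoc for c, s in candidates):
            return True
    return False

# Constructed placeholder values, not real DER
LEAF = (b"leaf-cert-der-placeholder", b"leaf-spki-placeholder")
INTERMEDIATE = (b"intermediate-cert-der-placeholder", b"intermediate-spki-placeholder")
NEXT_SPKI = b"next-leaf-spki-placeholder"  # key already published for the next rotation

def sample_records() -> List[str]:
    """Two DANE-EE pins (current and next leaf key) plus a DANE-TA pin on the intermediate."""
    return [
        f"3 1 1 {hashlib.sha256(LEAF[1]).hexdigest()}",
        f"3 1 1 {hashlib.sha256(NEXT_SPKI).hexdigest()}",
        f"2 0 2 {hashlib.sha512(INTERMEDIATE[0]).hexdigest()}",
    ]
```

Because the second DANE-EE record is published ahead of time, swapping the leaf key to `NEXT_SPKI` still matches, and the DANE-TA record keeps matching even after the leaf changes entirely.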
Chrome's stated reasoning for not adopting DANE/DNSSEC is that too many networks break DNSSEC. I've yet to see any reasoning for not working on enforcing it when using DoT/DoH where networks breaking DNSSEC isn't a problem. Any DoT/DoH resolver can be expected to do it right.