- From: Henrik Biering
- To: Johannes Ernst
- Subject: Re: [projectvrm] Minimum viable VRM web site or service
- Date: Sat, 17 Jan 2015 01:42:07 +0100
- Organization: Peercraft
Johannes:
The public key pinning described in Brian's link:
https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning
is the one introduced in Firefox 32, with Mozilla's limited choice of
support for some major sites.
Not any sites of your own choice.
That is, however, what HPKP allows - implemented from Firefox 35:
https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning
/Henrik
On 16-01-2015 at 01:11, Johannes Ernst wrote:
On Jan 15, 2015, at 16:01, Henrik Biering wrote:
The Public Key Pinning that you reference is not scalable.
Which aspect do you think would not scale?
For example, if I have an existing relationship with site A, and site A has a
hyperlink to site B (which is the predominant way of finding out about new
sites anyway), site A could also vouch for site B’s keys. In fact, it
probably shouldn’t have a link to B unless it is quite certain who B is :-)
(It is quite possible this does not scale, but it is not obvious to me that
this is a true assertion)
Cheers,
Johannes.