SecurityEngineering/Public Key Pinning

Revision as of 21:46, 12 May 2014 by Mmc

Certificate pinning is a protocol that lets sites specify which certificate authorities have issued valid certificates for that site, and lets user agents reject TLS connections to those sites if the certificate was not issued by a known-good CA. The benefit of certificate pinning is that a rogue CA that is not on the site's list cannot be used to man-in-the-middle users (see the DigiNotar attack, which Chrome detected and we did not: https://blog.mozilla.org/security/2011/08/29/fraudulent-google-com-certificate/).
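The check a user agent performs under this scheme can be sketched as follows. This is an added example, not code from this page or from any browser: the pin list, host names and key bytes are constructed, and it assumes pins are base64 SHA-256 hashes of each certificate's SubjectPublicKeyInfo and that the chain has already passed normal CA validation.

```python
import base64
import hashlib

def spki_pin(spki_der: bytes) -> str:
    """Pin value: base64 of SHA-256 over the SubjectPublicKeyInfo bytes."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

# Constructed stand-ins for DER-encoded SubjectPublicKeyInfo structures.
LEAF_SPKI = b"constructed-spki:leaf"
GOOD_CA_SPKI = b"constructed-spki:known-good-ca"
ROGUE_CA_SPKI = b"constructed-spki:rogue-ca"

# Constructed pin list (hypothetical hosts): each entry names the CA keys
# that are allowed to appear in a validated chain for that host.
PINSET = {
    "example.test": {"include_subdomains": True,
                     "pins": {spki_pin(GOOD_CA_SPKI)}},
    "nosub.test": {"include_subdomains": False,
                   "pins": {spki_pin(GOOD_CA_SPKI)}},
}

def find_pins(host: str):
    """Return the pin set that applies to host, or None if it is unpinned."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        entry = PINSET.get(".".join(labels[i:]))
        # An entry for a parent domain applies only if it covers subdomains.
        if entry and (i == 0 or entry["include_subdomains"]):
            return entry["pins"]
    return None

def connection_allowed(host: str, chain_spkis: list) -> bool:
    """chain_spkis: SPKI bytes of every certificate in the validated chain."""
    pins = find_pins(host)
    if pins is None:
        return True  # unpinned host: ordinary CA validation is the only check
    # Pinned host: at least one key in the chain must be on the site's list,
    # so a chain that validates through any other CA is rejected.
    return any(spki_pin(spki) in pins for spki in chain_spkis)

if __name__ == "__main__":
    print(connection_allowed("www.example.test", [LEAF_SPKI, GOOD_CA_SPKI]))
    print(connection_allowed("www.example.test", [LEAF_SPKI, ROGUE_CA_SPKI]))
```

The rejected case is the one that matters: a chain that is otherwise valid but runs through a CA outside the site's list fails closed for pinned hosts.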

We are attempting to:

  1. Pin all of the sites that Chrome already does (Google, Twitter)
  2. Pin our own sites after auditing them and cleaning them up, so that our users know that the updates we serve actually come from us
  3. Pin other popular sites like Facebook that are in good shape already (with their cooperation, of course)

Tracking bug: bug 1004350