Feature #9026

Deploy HPKP

Added by sajolida about 4 years ago. Updated 22 days ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: Infrastructure
Target version: -
Start date: 03/06/2015
Due date:
% Done: 0%
QA Check:
Feature Branch:
Type of work: Sysadmin
Blueprint:
Starter:
Affected tool:

Description

We already have HSTS on our website, but HPKP seems to be the next generation public-key authentication for websites and we have been recommended to deploy it.

https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning

This would serve as a mitigation technique against MitM on our website (HPKP is at least TOFU, until we get in the preload list, see #9027).

dkg recommends making two backup end-entity keys on an offline machine, and pinning to your active key + these two others.


Related issues

Related to Tails - Feature #9027: Add our website to Firefox' hardcoded Public Key Pinning ("static pins") Rejected 03/06/2015
Related to Tails - Feature #16675: Consider using the Expect-CT header for Certificate Transparency on our website Confirmed

History

#1 Updated by sajolida about 4 years ago

  • Description updated (diff)

#2 Updated by sajolida about 4 years ago

  • Blocks Feature #9027: Add our website to Firefox' hardcoded Public Key Pinning ("static pins") added

#3 Updated by sajolida about 4 years ago

  • Description updated (diff)

#4 Updated by intrigeri about 4 years ago

  • Blocks deleted (Feature #9027: Add our website to Firefox' hardcoded Public Key Pinning ("static pins"))

#5 Updated by sajolida about 4 years ago

  • Blocks Feature #9027: Add our website to Firefox' hardcoded Public Key Pinning ("static pins") added

#6 Updated by sajolida about 4 years ago

  • Blocks deleted (Feature #9027: Add our website to Firefox' hardcoded Public Key Pinning ("static pins"))

#7 Updated by intrigeri almost 2 years ago

Our website now uses certificates issued by Let's Encrypt. Most Let's Encrypt clients generate a new key upon renewal, which is incompatible with pinning our public key with HPKP. The options we have are thus:

  1. pin the root CA instead of our own leaf key, as GitHub does
    • pros: relatively easy to implement, not too easy to get it wrong
    • cons: does not protect against compromise of the Let's Encrypt CA (and any additional root CA we're likely to switch to if we ever have issues with Let's Encrypt, that we should include in the pinning)
  2. tweak the Let's Encrypt renewal process to reuse the same key, and pin it
    • pros: protects against compromise of the Let's Encrypt CA
    • cons: renewing the key is tricky, see https://scotthelme.co.uk/setting-up-le/ for hints; it's very easy to get it wrong and lock people out of our website for a long time

My current thinking is that the 2nd option is risky and requires too much work, but the first option seems doable: it could be a good candidate when we create our 2018-2019 sysadmin roadmap.

In any case, additional offline backup keys are a must.
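The trade-off between the two options in comment #7, as an added example that is not part of the ticket or of the Tails configuration: it builds a `Public-Key-Pins` header and checks it against the keys in a served chain, following the RFC 7469 rules that at least one pin must match the chain and at least one backup pin must not. The function names are hypothetical and the SPKI byte strings are constructed placeholders standing in for real DER-encoded SubjectPublicKeyInfo data.

```python
import base64
import hashlib
import re

LOCKOUT = "no pin matches the served chain: pinned clients are locked out"
NO_BACKUP = "no backup pin outside the served chain: browsers ignore the header"
NO_MAX_AGE = "missing max-age"

def pin(spki_der):
    """RFC 7469 pin: base64 of the SHA-256 of the DER SubjectPublicKeyInfo."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

def build_header(pins, max_age):
    """Assemble a Public-Key-Pins header value from pins and a lifetime in seconds."""
    return "; ".join([f'pin-sha256="{p}"' for p in pins] + [f"max-age={max_age}"])

def check_policy(header, chain_spkis):
    """Return the problems a header would cause for the given validated chain."""
    pins = set(re.findall(r'pin-sha256="([A-Za-z0-9+/=]+)"', header, re.I))
    chain_pins = {pin(spki) for spki in chain_spkis}
    problems = []
    if not re.search(r'max-age="?\d+', header, re.I):
        problems.append(NO_MAX_AGE)
    if not pins & chain_pins:      # nothing pinned is in the chain
        problems.append(LOCKOUT)
    if not pins - chain_pins:      # every pin is in the chain: no backup
        problems.append(NO_BACKUP)
    return problems

# Constructed placeholders, not real key material.
LEAF_ACTIVE = b"constructed-spki: active leaf key"
LEAF_BACKUP_1 = b"constructed-spki: offline backup leaf key 1"
LEAF_BACKUP_2 = b"constructed-spki: offline backup leaf key 2"
LEAF_RENEWED = b"constructed-spki: fresh key generated by the ACME client"
CA_ROOT = b"constructed-spki: issuing root CA"
CA_FALLBACK = b"constructed-spki: second root CA kept as fallback"

MAX_AGE = 5184000  # 60 days, constructed value

# Option 2: pin the leaf key plus two offline backup keys.
LEAF_POLICY = build_header(
    [pin(LEAF_ACTIVE), pin(LEAF_BACKUP_1), pin(LEAF_BACKUP_2)], MAX_AGE)
# Option 1: pin the root CA plus a fallback CA.
CA_POLICY = build_header([pin(CA_ROOT), pin(CA_FALLBACK)], MAX_AGE)

if __name__ == "__main__":
    for name, policy in (("leaf", LEAF_POLICY), ("ca", CA_POLICY)):
        # Simulate a renewal where the client generated a new leaf key.
        print(name, check_policy(policy, [LEAF_RENEWED, CA_ROOT]))
```

With the leaf policy, a renewal that generates a new key yields the lock-out result until `max-age` expires, while the CA policy survives the same renewal because the root's key is still in the chain.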

#8 Updated by sajolida over 1 year ago

  • Related to Feature #9027: Add our website to Firefox' hardcoded Public Key Pinning ("static pins") added

#10 Updated by u over 1 year ago

sajolida wrote:

> Chrome is discussing the removal of HPKP from Chrome in 2018:

In Chrome 67, which is estimated to be released to Stable on 29 May 2018, precisely.

#11 Updated by sajolida 12 months ago

  • Assignee set to sajolida
  • Target version set to Tails_3.8

We're now in June 2018 so I'll check what happened to this in Chrome.

#12 Updated by sajolida 11 months ago

  • Target version changed from Tails_3.8 to Tails_3.9

#13 Updated by sajolida 10 months ago

  • Target version changed from Tails_3.9 to Tails_3.10.1

Done.

The release notes for Chrome are actually hard to find. I found this:

https://support.google.com/chrome/a/answer/7679408

with no sign of removal of HPKP in Chrome 68.

I'll check again in a couple of months.

#14 Updated by sajolida 7 months ago

  • Target version changed from Tails_3.10.1 to Tails_3.11

#15 Updated by jvoisin 7 months ago

HPKP will likely be removed in Chrome 69, and the ticket tracking the removal is here.

#16 Updated by sajolida 5 months ago

  • Target version changed from Tails_3.11 to Tails_3.12

#17 Updated by sajolida 4 months ago

  • Target version changed from Tails_3.12 to Tails_3.13

#18 Updated by sajolida 2 months ago

  • Target version changed from Tails_3.13 to Tails_3.14

#19 Updated by intrigeri about 1 month ago

My understanding is that in the end, HPKP support was removed in Chrome 72. HPKP is currently only supported by Firefox and Opera. All the websites I knew that used HPKP in the past have stopped. I think implementing HPKP is not worth the effort anymore and I propose we reject this ticket.

Then we might want to investigate alternate TLS key/certificate hardening options:

  • Google now recommends using the Expect-CT header for Certificate Transparency instead. This header allows requiring the browser to refuse connections if the certificate is not in the Certificate Transparency logs. This is currently only supported by Chrome and Opera. It might be worth considering on a separate ticket.
  • DNS CAA (#15637)

#20 Updated by sajolida 22 days ago

  • Related to Feature #16675: Consider using the Expect-CT header for Certificate Transparency on our website added

#21 Updated by sajolida 22 days ago

  • Status changed from Confirmed to Rejected
  • Assignee deleted (sajolida)
  • Target version deleted (Tails_3.14)
