Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dynamic HPKP pinning tests #88

Open
lgarron opened this issue Oct 23, 2015 · 7 comments
Open

Dynamic HPKP pinning tests #88

lgarron opened this issue Oct 23, 2015 · 7 comments

Comments

@lgarron
Copy link
Collaborator

lgarron commented Oct 23, 2015

(Followup to #15.)

@rugk
Copy link
Contributor

rugk commented Oct 26, 2015

I think the design should be like in https://hsts.badssl.com/.

The only thing you have to keep in mind is that the image which indicates the state of HPKP should be loaded over a different domain than https://hpkp.badssl.com/ (e.g.), because otherwise you cannot access https://hpkp.badssl.com/ any more... 😃
This way you should also see an error message (like HPKP does not work or no HPKP header was sent previously [or has expired]) when accessing the site the first time - which is expected.

@lgarron
Copy link
Collaborator Author

lgarron commented Jul 6, 2016

Ideas from @seccubus at #178:

  • Only one PIN (no backup)
  • two pins, both not matching anything
  • two pins, both pinning a CA not in the chain.

@MrSeccubus
Copy link

One more. A 90 second timeout. Technically correct, but not very useful.

@lgarron
Copy link
Collaborator Author

lgarron commented Jul 6, 2016

Technically correct, but not very useful.

What is this meant to test?

I am happy to add as many subdomains and paths as are useful, but each of them should be useful for testing some sort of security feature (preferentially browser UI).

@MrSeccubus
Copy link

This wil not give an error in the browser UI. Just like having a single pin will not give an error.

However, these cases are still considered bad practise because having your hpkp pin exipire after 90 seconds still allows an attacker to mitm you if you haven't visited the site in less then 90 seconds before the attack.

Similarly the single pin is bad because you will effectively brick your site for everybody that visited your site before in the timeout period if you lose your private key.

My usecase Is that I'm using badssl as a testbed for testssl.sh

@lgarron lgarron closed this as completed Jul 6, 2016
@lgarron lgarron reopened this Jul 6, 2016
@lgarron
Copy link
Collaborator Author

lgarron commented Jul 6, 2016

My usecase Is that I'm using badssl as a testbed for testssl.sh

Hmm, that sounds pretty reasonable. Would it be sufficient to have these configurations at different paths on the same domain (much less fuss than creating a separate domain for each one)?

@MrSeccubus
Copy link

MrSeccubus commented Jul 6, 2016

For testbed purposes it would be sufficient, as testssl.sh is just a shellscript and it doesn't stick to the rules of hpkp. I would go for separate domains if the testcase bricks the site.

Fatal mistakes that each need a separate site:

  • two pins, both not matching anything
  • two pins, both pinning a CA not in the chain

You could actually combine these into a single site. Have two pins, one for something you pulled from /dev/random and the other that pins a CA that you don't use.

One site that has the non-fatal mistakes:

  • Only one pin (I would pin a CA or Sub-CA), short timeout

Since both test cases can actually live inside the same header, there is no need to have these on separate URLs.

You could add a correctly configured site that has:

  • a pin for the leaf, a pin for the Sub-CA, a pin for the root CA, a backup pin, a backup pin for another CA, includeSubdomains, preload, long timeout

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants