|
|
|
|
|
|
by cesarb
3463 days ago
|
|
|
"The enterprise" already controls the servers (otherwise, they wouldn't be able to configure a static ECDH key on them). Having control of the servers is already equivalent to having full access to the plain text. This only enlarges the security boundary from the server to every machine which could possibly, now or in the future, have access to that static ECDH key. And the default would still be to use a dynamic ECDH key. Also, how would a browser know it has encountered this behavior? A key might be rotated every few minutes, so just seeing the same key twice is not enough; and the key could be derived from a static key and the TLS nonces, so seeing a different key also means nothing. That said, I think server vendors should not implement this option. It's too risky, since it could be enabled by accident, incompetence, or malice. It's better to force the few who believe they really need this option to implement it themselves. |
|
|