by contingencies 3354 days ago
Interesting line of thought.

I suppose in theory, for the sacrifice of some latency and processing overhead, you could treat SSL/X.509 as busted, explicitly include multiple domains in a given page, cryptographically validate a signature supplied by each to the other (potentially both server side and in JavaScript), and thereby replace the SSL/X.509 assumptions of trust within the browser.

All this would do is raise the bar for the attacker so they had to hijack all domains at once. By varying them dynamically you could further frustrate.

You could potentially SaaS this (e.g. expose an SCP/SFTP endpoint, from which you automatically deploy across disparate domain infrastructure including signatures) and/or provide a passive content-based pinning mechanism as standard, wherein the included JS or HTML raises hell if the version of a site you've received does not match that observed elsewhere. Inefficient as all hell, already attempted at different layers of the stack, but perhaps an idea whose time has come.

If you do this and make lots of money buy me a beer :)
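
A sketch of the cross-domain check the comment describes, as an added example that is not part of the original comment: each of several independent domains signs the SHA-256 digest of the page, and the client accepts the page only when a quorum of pinned keys vouch for the exact bytes it received. The domain names, the `attest` and `checkPage` helpers, the choice of Ed25519 and the quorum value are all assumptions made for the illustration.

```javascript
// Added illustration: domains, keys and page bodies are constructed for the demo.
const crypto = require('node:crypto');

const sha256 = (body) => crypto.createHash('sha256').update(body).digest();

// Run by each independent domain: sign the digest of the page it serves.
function attest(domain, privateKey, body) {
  const digest = sha256(body);
  const sig = crypto.sign(null, digest, privateKey); // null: Ed25519 hashes internally
  return { domain, digest: digest.toString('hex'), sig: sig.toString('base64') };
}

// Run by the client: pinnedKeys maps domain -> public key obtained out of band.
function checkPage(body, attestations, pinnedKeys, quorum) {
  const local = sha256(body);
  const agreeing = new Set(); // a Set, so a repeated attestation counts once
  const problems = [];
  for (const a of attestations) {
    const key = pinnedKeys.get(a.domain);
    if (!key) { problems.push(`${a.domain}: no pinned key`); continue; }
    const claimed = Buffer.from(String(a.digest), 'hex');
    const sig = Buffer.from(String(a.sig), 'base64');
    if (!crypto.verify(null, claimed, key, sig)) {
      problems.push(`${a.domain}: bad signature`); continue;
    }
    if (claimed.length !== local.length || !crypto.timingSafeEqual(claimed, local)) {
      problems.push(`${a.domain}: signed different content`); continue;
    }
    agreeing.add(a.domain);
  }
  return { ok: agreeing.size >= quorum, agreeing: [...agreeing], problems };
}

// Constructed scenario: three domains, one of which (a.example) is hijacked.
const domains = ['a.example', 'b.example', 'c.example'];
const keys = new Map(domains.map((d) => [d, crypto.generateKeyPairSync('ed25519')]));
const pinned = new Map(domains.map((d) => [d, keys.get(d).publicKey]));
const genuine = Buffer.from('<html>release 42</html>');
const tampered = Buffer.from('<html>release 42, modified in transit</html>');
const honest = domains.map((d) => attest(d, keys.get(d).privateKey, genuine));
// The hijacked domain vouches for the tampered page; the other two do not.
const oneHijacked = [attest('a.example', keys.get('a.example').privateKey, tampered),
  ...honest.slice(1)];

console.log(checkPage(genuine, honest, pinned, 2));       // accepted
console.log(checkPage(tampered, oneHijacked, pinned, 2)); // rejected: 1 of 3 agree
```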