Re: [Bug-wget] [PATCH] Trivial changes in HSTS

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [PATCH] Trivial changes in HSTS

From:	Tim Ruehsen
Subject:	Re: [Bug-wget] [PATCH] Trivial changes in HSTS
Date:	Thu, 07 Apr 2016 12:52:10 +0200
User-agent:	KMail/4.14.10 (Linux/4.4.0-1-amd64; KDE/4.14.14; x86_64; ; )

On Wednesday 06 April 2016 14:31:17 Juaristi Álamos, Ander wrote:
> Hi all,
> 
> Here are some patches for HSTS.
> 
>  - 0001: checks the HSTS database file is not world-writable, and
> refuses to read it if it is, and disables HSTS. This was in my original

Doesn't it make sense to share the HSTS database globally ? It is basically 
global data (domain specific) and not user specific.

Thinking forward, a central (trusted) database/daemon for HSTS entries would 
be nice - sooner or later almost any domain supports HSTS. Each process 
loading/saving a huge file would not be efficient.

Same goes for e.g. cert pinning (but not for cookies which are private data).

Regards, Tim

signature.asc
Description: This is a digitally signed message part.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] [PATCH] Trivial changes in HSTS, Juaristi Álamos , Ander, 2016/04/06
- Re: [Bug-wget] [PATCH] Trivial changes in HSTS, Giuseppe Scrivano, 2016/04/07
- Re: [Bug-wget] [PATCH] Trivial changes in HSTS, Tim Ruehsen <=
  - Re: [Bug-wget] [PATCH] Trivial changes in HSTS, Ander Juaristi, 2016/04/08
    - Re: [Bug-wget] [PATCH] Trivial changes in HSTS, Tim Ruehsen, 2016/04/11

Prev by Date: Re: [Bug-wget] [PATCH] Trivial changes in HSTS
Next by Date: Re: [Bug-wget] Implement --pinnedpubkey option to pin public keys
Previous by thread: Re: [Bug-wget] [PATCH] Trivial changes in HSTS
Next by thread: Re: [Bug-wget] [PATCH] Trivial changes in HSTS
Index(es):
- Date
- Thread