[HTTPS-Everywhere] ideas for improvements to development and use of the ruleset
Dave Warren
davew at hireahit.com
Wed Mar 5 01:13:23 PST 2014
On 2014-03-04 22:39, Yan Zhu wrote:
> (There's a good argument that ruleset security should be equivalent to
> extension security, since an attacker can submit a ruleset update that
> rewrites the extension update URL to a malicious one!)

Perhaps it would be wise to have the extension refuse to re-write any
URL involved with the update mechanism (or at least require any rule
that does to be signed using the offline key), along with the use of
certificate pinning to validate the SSL channel used for ruleset updates.

It might not be perfect, but if the extension calls a known URL, it
shouldn't be too difficult to simply ignore any rule that attempts to
apply to the domain(s) involved with the ruleset update process.
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
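
The check proposed in the message above, sketched as an added example; it is not part of the original post and not the extension's own code. The host names, the sample rulesets and the object shape (modelled on a ruleset's `<target host>` and `<rule from/to>` entries) are assumptions made for illustration.

```javascript
// Hosts used by the update mechanism. Placeholder names, not real endpoints.
const PROTECTED_UPDATE_HOSTS = ["updates.example.org", "rulesets.example.org"];

// Constructed sample update: one ordinary ruleset and two that cover an update host.
const SAMPLE_UPDATE = [
  { name: "Shop", targets: ["shop.example.com"],
    rules: [{ from: "^http:", to: "https:" }] },
  { name: "Exact match", targets: ["updates.example.org"],
    rules: [{ from: "^https://updates\\.example\\.org/", to: "https://other.invalid/" }] },
  { name: "Wildcard match", targets: ["*.example.org"],
    rules: [{ from: "^https://([^/]+)\\.example\\.org/", to: "https://other.invalid/" }] },
];

// Does a target pattern cover this host? "*" is treated as "any characters",
// which over-matches on purpose: a doubtful rule is dropped, not loaded.
function targetMatchesHost(target, host) {
  const escaped = target.toLowerCase().replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\*/g, ".*") + "$").test(host.toLowerCase());
}

// Load-time check: split an update into rulesets to load and rulesets to ignore.
function filterRulesetUpdate(rulesets, protectedHosts) {
  const accepted = [], rejected = [];
  for (const rs of rulesets) {
    const hit = rs.targets.some(t => protectedHosts.some(h => targetMatchesHost(t, h)));
    (hit ? rejected : accepted).push(rs);
  }
  return { accepted, rejected };
}

// Rewrite-time check: a request to a protected host is returned untouched,
// whatever rules happen to be loaded. A trailing dot on the host is stripped first.
function rewriteUrl(url, rulesets, protectedHosts) {
  const host = new URL(url).hostname.replace(/\.$/, "");
  if (protectedHosts.includes(host)) return url;
  for (const rs of rulesets) {
    if (!rs.targets.some(t => targetMatchesHost(t, host))) continue;
    for (const r of rs.rules) {
      const out = url.replace(new RegExp(r.from), r.to);
      if (out !== url) return out;
    }
  }
  return url;
}
```

Doing the check both when an update is loaded and again at rewrite time means a rule that slips past the first filter still cannot touch an update request.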