From ca6043432474ee79ccadf3bbeddf4dc758786ab7 Mon Sep 17 00:00:00 2001 From: Rohan Kumar Date: Sat, 29 Oct 2022 23:24:50 -0700 Subject: [PATCH] New note: Route authorization and TLS --- content/notes/route-authorization-and-tls.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 content/notes/route-authorization-and-tls.md diff --git a/content/notes/route-authorization-and-tls.md b/content/notes/route-authorization-and-tls.md new file mode 100644 index 0000000..9c501d1 --- /dev/null +++ b/content/notes/route-authorization-and-tls.md @@ -0,0 +1,17 @@ +--- +title: "Route authorization and TLS" +date: 2022-10-29T23:24:50-07:00 +replyURI: "https://community.mojeek.com/t/bgp-hijacking/400" +replyTitle: "BGP Hijacking" +replyType: "DiscussionForumPosting" +replyAuthor: "Mike" +replyAuthorURI: "https://community.mojeek.com/u/mike/" +--- + +Assuming we have transit encryption, the main result of Border Gateway Patrol (BGP) errors is mass downtime. Downtime for a typical service is a headache; downtime for a CA can be disastrous. BGP hijacking also enables certificate mis-issuance by messing with weak domain control validation. Route authorization is an important mitigation! + +That said: TLS is our last line of defense against BGP attacks that *re-direct* HTTPS requests. + +Users wouldn't have been robbed if Celer Bridge used [HSTS preloading](https://hstspreload.org). Victims were greeted by a TLS error and chose to add a security exception; a payment platform shouldn't offer that choice. HSTS instructs browsers to remove this option, and HSTS preloading prevents HSTS stripping (and TLS stripping). + +HTTP Public Key Pinning (HPKP) makes such attacks even harder, but HPKP had its own list of issues preventing adoption.