Predictably Random

Chrome, why dont you?

Following yesterday’s post on flaws in the trust model of SSL certificate authorities; today I had a conversation in the break out area with Indra on how browsers manage certificates. Indra reminded me how Phobos, one of the Tor developers, removes all certificate authorities from his/her Firefox setup. Phobos instead adds certificates individually to Firefox as he/she gains trust in a site.

That’s impressive, but extreme. The amount of effort, knowledge and technical skill required to achieve an outcome is beyond of most browser users.

My browser of choice is Google’s Chrome. Chrome already has some additional security features for SSL certificates and secured domains, such as certificate pinning. But Chrome doesn’t give me any tools to even partially emulate Phobo’s approach. Which left me to lament to Indra:

• Why aren’t certificates for my important domains (e.g. internet banking) already pinned?
• Why can’t I manually pin the certificate for select domains?
• Why can’t I declare some (or all) SSL protected domains to be sensitive?
• Why doesn’t Chrome remember the last certificate presented by sensitive domains?
• Why doesn’t Chrom warn me when the certificate for a sensitive domain changes?

So Google Chrome, why don’t you?