<div dir="ltr">On Mon, Sep 16, 2013 at 3:14 PM, Ben Laurie <span dir="ltr"><<a href="mailto:ben@links.org" target="_blank">ben@links.org</a>></span> wrote:<br><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote"><div class="im">On 16 September 2013 18:49, Phillip Hallam-Baker <span dir="ltr"><<a href="mailto:hallam@gmail.com" target="_blank">hallam@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>To me the important thing about transparency is that it is possible for anyone to audit the key signing process from publicly available information. Doing the audit at the relying party end prior to every reliance seems a lower priority. </div>
</blockquote><div><br></div></div><div>This is a fair point, and we could certainly add on to CT a capability to post-check the presence of a pre-CT certificate in a log.</div></div></div></div></blockquote><div><br></div>
<div>Yeah, not trying to attack you or anything. Just trying to work out exactly what the security guarantees provided are.</div><div><br></div><div> <br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div class="im"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>In particular, there are some type of audit that I don't think it is feasible to do in the endpoint. The validity of a CT audit is only as good as your newest notary timestamp value. It is really hard to guarantee that the endpoint is not being spoofed by a PRISM capable adversary without going to techniques like quorate checking which I think are completely practical in a specialized tracker but impractical to do in an iPhone or any other device likely to spend much time turned off or otherwise disconnected from the network.</div>
</blockquote><div><br></div></div><div>I think the important point is that even infrequently connected devices can _eventually_ reveal the subterfuge. </div></div></div></div>
</blockquote></div><br>I doubt it is necessary to go very far to deter PRISM type surveillance. If that continues very long at all. The knives are out for Alexander, hence the story about his Enterprise bridge operations room. </div>
<div class="gmail_extra"><br></div><div class="gmail_extra">Now the Russians... </div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra">Do we need to be able to detect PRISM type surveillance in the infrequently connected device or is is sufficient to be able to detect it somewhere?</div>
<div class="gmail_extra"><br></div><div class="gmail_extra">One way to get as good timestamp into a phone might be to use a QR code: This is I think as large as would be needed:</div><div class="gmail_extra"><br></div><div class="gmail_extra">
<img src="cid:ii_141285516b34f6a7" alt="Inline image 1"><br clear="all"><div><br></div><div><br></div><div><br></div>-- <br>Website: <a href="http://hallambaker.com/">http://hallambaker.com/</a><br>
</div></div>