[Cryptography] Moving forward on improving HTTP's security
Stephen Farrell
stephen.farrell at cs.tcd.ie
Fri Nov 15 18:52:26 EST 2013
On 11/15/2013 06:02 AM, James A. Donald wrote:
>
> This being so, why should we care about CA signatures?
Maybe in the medium/long term, perhaps. As of now, there is
I think exactly one CT log operational. Putting all eggs in
Google's basket doesn't sound like a good plan to me.
Having said that, I like CT, and I know the Google people
would like more logs to exist, and maybe there're some being
stood up already for all I know, but CT is not yet ready
for that level of prime-time. I'd say it is by far the most
credible big-DB-of-public-keys candidate at present though
so it might get there sometime.
S.
More information about the cryptography
mailing list