[Cryptography] [messaging] Gossip doesn't save Certificate Transparency

Ben Laurie benl at google.com
Thu Oct 16 09:13:21 EDT 2014


On Sun Sep 28 2014 at 8:52:47 AM Peter Gutmann <pgut001 at cs.auckland.ac.nz>
wrote:

> Chris Palmer <snackypants at gmail.com> writes:
>
> >On Saturday, September 27, 2014, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
> wrote:
> >> That's always puzzled me about CT, who is going to monitor these logs,
> and why
> >> would they bother?  This seems to be built from the same fallacy as
> "open-
> >> source code is more secure because lots of people will be auditing the
> code
> >> for security bugs".
> >
> >It's a simple matter of a shell script to scan logs for misissuance for
> names
> >you care about. Google certainly cares, EFF and other activist
> organizations,
> >PayPal, Facebook, ...
>
> So in other words it'll help the organisations who are already more or less
> covered by certificate pinning (except that CT does it in a really
> roundabout,
> complex manner rather than directly at the source as pinning does).
>
> Looking at what CT gives you, there seem to be three scenarios to cover:
>
> 1. Cert issued for Google or Paypal.
> 2. Cert issued for First Bank of Podunk.
> 3. Cert issued for www.verify-chase-credit-card.com.
>
> Case #1 is already handled by pinning, and cases #2 and #3 won't be helped
> through CT.


Why not? I'm not sure what your threat model is for 2, so hard to respond
to it, but for 3, CT will allow you to see that this cert has been issued
and object to it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141016/31f79ee2/attachment.html>


More information about the cryptography mailing list