[Cryptography] The Trouble with Certificate Transparency

Watson Ladd watsonbladd at gmail.com
Fri Sep 26 23:29:20 EDT 2014


On Fri, Sep 26, 2014 at 6:34 PM, Greg <greg at kinostudios.com> wrote:
> Dear Tony,
>
> On Sep 25, 2014, at 2:05 PM, Tony Arcieri <bascule at gmail.com> wrote:
>
> On Thu, Sep 25, 2014 at 1:52 AM, Ralf Senderek <crypto at senderek.ie> wrote:
>>
>> Given the powers of a post-snowden MITM, the claim in Greg's posting seems
>> legitimate.
>
>
> This same class of attack will work on practically any system
>
>
> We've already acknowledged on twitter [1] the fact that this class of attack
> does not work on blockchains and DNSChain.
>
> That is for two reasons:
>
> 1. With blockchains, only the owner of a domain can update SSL certificates.
> With CT and X.509, your domain does not belong to you exclusively, and
> therefore thousands of others can create SSL certs for your domain.

That's actually a feature, not a bug. We want to be able to steal
wallmart.com or goldmansachs.com from a domain squatter and transfer
it. It also solves lost names: if someone loses the keys for xkcd.com,
fpqc.com is not as valuable as a replacement. This is not the case for
Bitcoin.

If blockchains kept the list of valid SSL certs for domains, a list
anyone could add to, they would be a stronger mechanism for achieving
CT.
The current CT mechanism uses a different mechanism to achieve public
consensus on which certificates are out there, which as you note is not
as strong.

The "right approach" is to use a blockchain to monitor what certs are out there.

> 2. With blockchains, censorship or DoS to the P2P network can only prevent
> nodes from receiving updates, it does not make them forget what they've
> already learned. Since most SSL certs are long-lived, the threat is far less
> significant than it is with CT.
>
> Kind regards,
> Greg Slepak
>
> [1] https://twitter.com/taoeffect/status/514884562720399360
>
> --
> Please do not email me anything that you are not comfortable also sharing
> with the NSA.
>
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin
