[Cryptography] The Trouble with Certificate Transparency

Tony Arcieri bascule at gmail.com
Sat Sep 27 14:52:10 EDT 2014


On Sat, Sep 27, 2014 at 11:07 AM, Bear <bear at sonic.net> wrote:

> Once Mallory has published his "alice" key, he has absolutely no way to
> get Alice to use it.
>

This is a *naming* system. Other people are trying to map a name to a key,
not the other way around. Mallory is trying to trick other people who are
trying to talk to alice into using the wrong key, while making it appear to
Alice that the correct key is published.

Meanwhile a MitM can show Alice a forked block chain where her key appears
legitimate, and in the process poison any new entries which are added to
the block chain with MitMed keys.

-- 
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140927/e316198c/attachment.html>


More information about the cryptography mailing list