[Cryptography] The Trouble with Certificate Transparency
Greg
greg at kinostudios.com
Sat Sep 27 15:16:22 EDT 2014
On Sep 27, 2014, at 11:53 AM, Tony Arcieri <bascule at gmail.com> wrote:
> My understanding is CT would detect the attack when it's over.
As explained in several places now, it does not provide any such guarantees:
- Earlier in this thread.
- http://www.ietf.org/mail-archive/web/trans/current/msg00588.html
- https://moderncrypto.org/mail-archive/messaging/2014/000873.html
Kind regards,
Greg Slepak
--
Please do not email me anything that you are not comfortable also sharing with the NSA.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140927/8462a098/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140927/8462a098/attachment.sig>
More information about the cryptography
mailing list