[Cryptography] The Trouble with Certificate Transparency
Greg
greg at kinostudios.com
Sat Sep 27 16:58:02 EDT 2014
On Sep 27, 2014, at 1:43 PM, Tony Arcieri <bascule at gmail.com> wrote:
> I'm saying their trees work like Merkle trees are supposed to work, and that none of their proofs detect mis-issued certificates.
>
> The two certs (legit and false) will happily live side-by-side in the tree undetected by the gossip protocol.
>
> Even after the network partition is resolved and the latest log is seen?
>
> If you allege that's the case, I don't understand your attack.
What do you mean by "network partition"?
Maybe this will help, go to Google's "How Log Proofs Work" page:
http://www.certificate-transparency.org/log-proofs-work
Look at the little green boxes that represent certificates.
So, one of those green boxes will be a legitimate certificate, and the other will be the fraudulent one.
Neither consistency nor audit proofs will let a client know whether or not the cert they're being shown is fraudulent or not, and that is even when both of them are in the same log (which they don't have to be).
Gossip just sends the little red boxes between the server and the clients. They don't matter.
Kind regards,
Greg Slepak
--
Please do not email me anything that you are not comfortable also sharing with the NSA.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140927/e0913511/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140927/e0913511/attachment.sig>
More information about the cryptography
mailing list