On Wed, Sep 24, 2014 at 11:17:28AM -0700, Greg wrote: > http://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/
Hi Greg, It seems to me that CT could benefit security only in a "trickle down" sense: if a cert is improperly issued against a major domain like google.com, that CA can be punished by Chromium/Chrome, with the logs providing political/legal cover. And maybe the benefit trickles down. But what about normal people? I have to check up to 1000 different logs to see if I've been attacked? And if I find out that's the case, would people care about little old me enough to burn a CA such as Comodo? It seems CT could potentially be of benefit to some large organizations while having little to no impact on ordinary people like myself. If that's wrong I'd like to know how/why. When LibreSSL has a non-preview release or two under its belt I'd like to try DNSChain, but for now I'm unwilling to touch major TLS libraries. DNSChain and MinimaLT seem like they could be a great match... Nicolai _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
