On Fri, Jun 5, 2015 at 8:04 AM, Peter Kurrasch <fhw...@gmail.com> wrote:
>> Certificate Transparency gets us what we want, I think. CT works >> globally, and is safer, and significantly changes the trust equation: >> >> * Reduces to marginal/effectively destroys the attack value of mis-issuance > > Please clarify this statement because, as written, this is plainly not true. > The only way to reduce the value is if someone detects the mis-issuance and > then takes action to resolve it. Yes, I am assuming that — it's the foundational and necessary assumption of any audit system. The Googles, Facebooks, PayPals, ... of the world care very much about mis-issuance for their domains. Activists and security experts and bloggers and reporters are always looking for fun stuff, and are generally capable of writing shell scripts. > From what I've seen so far, both are major gaps in CT as a security feature. What have you seen so far that leads you to believe that? Are there mis-issuances in the existing CT logs that nobody has called attention to...? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy