I've finally taken the time to explain via diagrams and many words how undetected MITM attacks can happen with Certificate Transparency.
As this topic has been brought up on this list a few times, and I've received requests from some to elaborate in detail, I thought I'd share it here. This post is also a direct response to Ben Laurie's recently published ACM article [1]. Many thanks go to Zaki (@zmanian), Simon (@simondlr) and others for reviewing it prior to publication:

http://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/

Kind regards,
Greg

[1] http://queue.acm.org/detail.cfm?id=2668154

--
Please do not email me anything that you are not comfortable also sharing with the NSA.
Messaging mailing list: https://moderncrypto.org/mailman/listinfo/messaging
