On Sep 24, 2014, at 12:55 PM, elijah <[email protected]> wrote: > On 09/24/2014 11:08 AM, Tao Effect wrote: > >> I've finally taken the time to explain via diagrams and many words how >> undetected MITM attacks can happen with Certificate Transparency. > > It strikes me that you are not allowing for any distinction between a > MiTM attack that happens once, and a MiTM attack that is only successful > if it can be carried off from the moment a computer first contacts the > internet (and carried on forever if the attacker doesn't want to be > detected). What scenario do you have in mind where the latter is possible?
Well, I'm primarily focusing on MITM attacks that happen more than once, and are undetected, but not in the sense that you've presented it (MITM attack 24/7 from beginning of time). A 24/7 MITM attack from birth to death simply goes undetected in all systems, and it's probably impossible to do anything about that. However, the issue with CT is as I pointed out several months ago back in May, that detection depends on successful gossip. Sure, it's possible, if the gossip succeeds, that proof of failure (not misbehavior) has occurred. The problem here is: 1. Gossip could be blocked. 2. If Gossip isn't blocked, and you're able to prove failure... so what? What then? The RFC is rather silent on this. The blockchain, on the other hand, doesn't have problem #2. Even if MITM suddenly starts blocking all new blocks and only showing blocks it creates, the node has a giant store of accurate data that the MITM cannot modify. Not so with CT. > Also, if browsers contain auditors, why can't these auditors be > pre-seeded with the hash of different logs at the time the browser was > compiled? Sorry, what is this referring to? The post acknowledges that browsers have public keys of logs. Kind regards, Greg -- Please do not email me anything that you are not comfortable also sharing with the NSA. > > > -elijah > > _______________________________________________ > Messaging mailing list > [email protected] > https://moderncrypto.org/mailman/listinfo/messaging
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
