Dear elijah, On Oct 3, 2014, at 11:43 AM, elijah <[email protected]> wrote: > In the auditing-infrastructure thing, the hope is that user agents will > be written to smartly and automatically perform the auditing. Yes, it is > detection after the fact. The prediction is that the number of people > running an auditing user agent will be greater than the number of > senders doing fingerprint verification, and that this greater number > will provider greater deterrent against bogus key endorsements.
In the CT world, auditing and monitoring are two very different things, and they must not be confused. Auditing does not detect mis-issued certificates/keys/whatever before the fact, during the fact, or after the fact [1]. Kind regards, Greg Slepak [1] https://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/ -- Please do not email me anything that you are not comfortable also sharing with the NSA.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
