On Oct 3, 2014 9:54 PM, "elijah" <[email protected]> wrote: > > On 10/03/2014 11:54 AM, Tao Effect wrote: > > On Oct 3, 2014, at 11:43 AM, elijah <[email protected]> > > Your scenario, afaik, is an attacker who can mitm any and all network > connections and so can inject bad data in the gossip among monitors and > the connections between user-agents-auditors and monitors. To me, this > assumes that this global mitm attack has existed for all time, since > once a user agent or a monitor is able to initially bootstrap some > correctly authenticated secure connection with a monitor, they should be > able to detect subsequent mitm attempts from that point forward.
Agreed. The threat model assumed in Greg's blog post about CT isn't quite stated explicitly but it feels absurdly strong to the point of being a red herring. > So, let me ask: I'd add a third question: in the threat model in which CT doesn't work, does a blockchain-based approach work? Can't a permanent MITM that a user doesn't have any secure channel to avoid also confuse that user into accepting an incorrect block chain?
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
