On Oct 3, 2014, at 2:03 PM, Joseph Bonneau <[email protected]> wrote: > On Oct 3, 2014 9:54 PM, "elijah" <[email protected]> wrote: > > > > On 10/03/2014 11:54 AM, Tao Effect wrote: > > > On Oct 3, 2014, at 11:43 AM, elijah <[email protected]> > > > > Your scenario, afaik, is an attacker who can mitm any and all network > > connections and so can inject bad data in the gossip among monitors and > > the connections between user-agents-auditors and monitors. To me, this > > assumes that this global mitm attack has existed for all time, since > > once a user agent or a monitor is able to initially bootstrap some > > correctly authenticated secure connection with a monitor, they should be > > able to detect subsequent mitm attempts from that point forward. > > Agreed. The threat model assumed in Greg's blog post about CT isn't quite > stated explicitly but it feels absurdly strong to the point of being a red > herring. >
It's also a mistaken understanding of the original attack, and ignores the update made to the post on September 27th, which points out that for clients who are gossiping, CT's proofs don't even detect today's basic types of HTTPS attacks (simple mis-issuance). Sorry, I need to finish lunch and rest. Then I will give a complete response to your and elijah's emails (and an off-list reply I received). Just wanted to quickly point this out before even more people walk away with a misunderstanding of the attacks. Kind regards, Greg Slepak -- Please do not email me anything that you are not comfortable also sharing with the NSA.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
