[messaging] Gossip doesn't save Certificate Transparency
snackypants at gmail.com
Sat Sep 27 10:04:33 PDT 2014
On Saturday, September 27, 2014, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
That's always puzzled me about CT, who is going to monitor these logs, and
> would they bother? This seems to be built from the same fallacy as "open-
> source code is more secure because lots of people will be auditing the code
> for security bugs".
It's a simple matter of a shell script to scan logs for misissuance for
names you care about. Google certainly cares, EFF and other activist
organizations, PayPal, Facebook, ... Anyone who is currently a target for
misissuance will write or share that shell script.
But as Trevor says, we are off topic now...
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging