[messaging] The Simple Thing
Tao Effect
contact at taoeffect.com
Fri Oct 3 11:54:26 PDT 2014
Dear elijah,
On Oct 3, 2014, at 11:43 AM, elijah <elijah at riseup.net> wrote:
> In the auditing-infrastructure thing, the hope is that user agents will
> be written to smartly and automatically perform the auditing. Yes, it is
> detection after the fact. The prediction is that the number of people
> running an auditing user agent will be greater than the number of
> senders doing fingerprint verification, and that this greater number
> will provider greater deterrent against bogus key endorsements.
In the CT world, auditing and monitoring are two very different things, and they must not be confused.
Auditing does not detect mis-issued certificates/keys/whatever before the fact, during the fact, or after the fact [1].
Kind regards,
Greg Slepak
[1] https://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/
--
Please do not email me anything that you are not comfortable also sharing with the NSA.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141003/10885e09/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141003/10885e09/attachment.sig>
More information about the Messaging
mailing list