[messaging] [Cryptography] Gossip doesn't save Certificate Transparency
pgut001 at cs.auckland.ac.nz
Mon Oct 13 04:48:20 PDT 2014
Jerry Leichter <leichter at lrw.com> writes:
>The logical outcome of pinning is to get rid of the certs entirely. Your
>browser vendor provides you with a bucket of public keys for well-known sites,
>and you just use them.
Yup, and that's been proposed in the past (late 1990s) as a way of getting
away from X.509's 1970s origins in offline systems. Instead of asking a
source for a certified copy from some self-appointed authority (certificate
from a CA) and then groping around for further information to check whether
the certified copy you've just fetched is actually valid (CRL), you just ask
the authority directly, "give me the currently-valid, known-good key for X"
(pin from Google). This short-circuits all of PKI.
For some reason it hasn't proven too popular with CAs and browser vendors.
>Pinning is a hack to buttress a PKI system that we know is failing. I
>appreciate the importance of having something that improves existing systems
>as transparently as possible - it's so difficult to deploy anything entirely
>new. As a transition - that's fine. But it shouldn't block us from thinking
>about a better replacement.
It's just a very roundabout way of implementing the "give me a known-good key
for X" described above without disintermediating the CAs.
More information about the Messaging