[messaging] Thoughts on keyservers

Tao Effect contact at taoeffect.com
Mon Aug 18 17:14:44 PDT 2014


I've seen several people mention Certificate Transparency (CT). To pick a recent example:

> (1) The web server problem: a present server needs to prove itself to a
> present visitor. Addressed by CT, etc.

Certificate Transparency does not work.
Nor does it perform as advertised. It does not, as it claims, always provide a log of issued certificates and it does not stop MITM attacks:

- http://www.ietf.org/mail-archive/web/trans/current/msg00233.html

- http://okturtles.com/#oktvs

It also does nothing to fix the non-functioning certificate revocation problem (which is not a problem with the blockchain).

Kind regards,
Greg

--
Please do not email me anything that you are not comfortable also sharing with the NSA.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140818/37444255/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140818/37444255/attachment.sig>


More information about the Messaging mailing list