[messaging] Gossip doesn't save Certificate Transparency

Trevor Perrin trevp at trevp.net
Sat Sep 27 01:42:20 PDT 2014


On Fri, Sep 26, 2014 at 11:00 PM, Tao Effect <contact at taoeffect.com> wrote:
>
> The audit proofs just tell you that a certificate exists in a log. It
> doesn't tell you that a certificate is fraudulent.

Of course.  The CT idea is that logs are monitored.  If a mis-issued
cert is detected, people respond in the usual ways: CAs can revoke it
and do incident response; browsers can push revocations (e.g.
CRLsets), and delist or constrain irresponsible CAs.

We've discussed "transparency logs" published by an e2e messaging
service.  That's different - presence in such a log says "I think X is
valid".  But CT is being added to the existing Web PKI.  It would be
unreasonable to expect every existing CA to publish a transparency
log.  Thus, the logs publish all issued certs, leaving it to other
mechanisms to detect fraudulent certs and respond.

Anyways, this is getting into the specifics of CT.  CT is designed for
the Web PKI, and is different from a "transparency log" for secure
messaging in this and other ways.

So unless there's a connection to "secure messaging" I'm missing,
these thoughts about CT should probably be directed to a different
list (e.g. therightkey, trans).


Trevor


More information about the Messaging mailing list