[messaging] Gossip doesn't save Certificate Transparency
Chris Palmer
snackypants at gmail.com
Sat Sep 27 10:04:33 PDT 2014
On Saturday, September 27, 2014, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
wrote:
That's always puzzled me about CT, who is going to monitor these logs, and
> why
> would they bother? This seems to be built from the same fallacy as "open-
> source code is more secure because lots of people will be auditing the code
> for security bugs".
It's a simple matter of a shell script to scan logs for misissuance for
names you care about. Google certainly cares, EFF and other activist
organizations, PayPal, Facebook, ... Anyone who is currently a target for
misissuance will write or share that shell script.
But as Trevor says, we are off topic now...
--
http://noncombatant.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140927/c9bc3b27/attachment.html>
More information about the Messaging
mailing list