[messaging] yet another CT thread

Joseph Bonneau jbonneau at gmail.com
Fri Oct 3 14:03:29 PDT 2014

On Oct 3, 2014 9:54 PM, "elijah" <elijah at riseup.net> wrote:
> On 10/03/2014 11:54 AM, Tao Effect wrote:
> > On Oct 3, 2014, at 11:43 AM, elijah <elijah at riseup.net>
> Your scenario, afaik, is an attacker who can mitm any and all network
> connections and so can inject bad data in the gossip among monitors and
> the connections between user-agents-auditors and monitors. To me, this
> assumes that this global mitm attack has existed for all time, since
> once a user agent or a monitor is able to initially bootstrap some
> correctly authenticated secure connection with a monitor, they should be
> able to detect subsequent mitm attempts from that point forward.

Agreed. The threat model assumed in Greg's blog post about CT isn't quite
stated explicitly but it feels absurdly strong to the point of being a red

> So, let me ask:

I'd add a third question: in the threat model in which CT doesn't work,
does a blockchain-based approach work? Can't a permanent MITM that a user
doesn't have any secure channel to avoid also confuse that user into
accepting an incorrect block chain?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141003/92eaaee4/attachment.html>

More information about the Messaging mailing list