Dear Nicolai,
On Sep 25, 2014, at 8:29 PM, Nicolai nicolai-cryptogra...@chocolatine.org
wrote:
It seems to me that CT could benefit security only in a trickle down
sense: if a cert is improperly issued against a major domain like
google.com, that CA can be punished by Chromium/Chrome, with
On Fri, 26 Sep 2014, Greg wrote:
But what about normal people? I have to check up to 1000 different logs
to see if I've been attacked? And if I find out that's the case, would
people care about little old me enough to burn a CA such as Comodo?
It seems CT could
I don't know how google proposes to do it. I don't find their
explanation entirely clear.
Here is how I would do it. It guarantees that everyone sees the same
information, and any attempt to tell two different stories immediately
gets caught.
There will be a mapping between strings and