On 16 September 2013 18:49, Phillip Hallam-Baker <hal...@gmail.com> wrote:

> To me the important thing about transparency is that it is possible for
> anyone to audit the key signing process from publicly available
> information. Doing the audit at the relying party end prior to every
> reliance seems a lower priority.

This is a fair point, and we could certainly add on to CT a capability to
post-check the presence of a pre-CT certificate in a log.

> In particular, there are some type of audit that I don't think it is
> feasible to do in the endpoint. The validity of a CT audit is only as good
> as your newest notary timestamp value. It is really hard to guarantee that
> the endpoint is not being spoofed by a PRISM capable adversary without
> going to techniques like quorate checking which I think are completely
> practical in a specialized tracker but impractical to do in an iPhone or
> any other device likely to spend much time turned off or otherwise
> disconnected from the network.

I think the important point is that even infrequently connected devices can
_eventually_ reveal the subterfuge.
The cryptography mailing list

Reply via email to