On 02/14/2012 09:02 PM, Jon Callas wrote:
If you implement something like the Certificate Transparency, you have an authenticated database of authoritative data to replicate the oracle with.
How important is it that the data be authenticated/authoritative in this case?
Waving my hand and making software magically appear, I'd combine Certificate Transparency and such an oracle be combined, and compute the status of the key as part of the certificate logs and proofs.
CAs are sort of taking a beating in the public view these days. Such a service could be the kind of thing they either use as a QoS differentiator, or something they collaborate on as an industry to help build some public trust.
I bet there are some graduate students looking for nice, limited-scope summer internship projects...but it may be bigger scope than that.
- Marsh _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
