On 2012-03-02 7:14 AM, Thierry Moreau wrote:
Then what remains of the scheme reputation once Mallory managed to inject a fraudulent certificate in whatever is being audited (It's called a "log" but I understand it as a grow-only repository)?
Suppose an Iranian CA were to issue certificate for a US site. The US site would readily discover it, causing such grave embarrassment for the Iranian CA that they would probably refrain.
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
