>> Certificate Transparency is a real security measure that is a response by a >> browser vendor. > > So the response to the repeated failure of browser PKI is PKI-me-harder. > Yeah, that's really going to make users safer.
I don't see why CT is PKI-me-harder. EV or BR would fall into that category. But why CT? It is a very useful monitoring tool, and has some advantages over Sovereign Keys. Ralph -- Ralph Holz Network Architectures and Services Technische Universität München Phone +49 89 28918043 http://www.net.in.tum.de/de/mitarbeiter/holz/ PGP: A805 D19C E23E 6BBB E0C4 86DC 520E 0C83 69B0 03EF _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography