Dear Dmitry,

Thank you for the reply.

On Sep 25, 2014, at 6:40 AM, Dmitry Belyavsky <beld...@gmail.com> wrote:

> If I understand correctly, it should be prevented by Auditors and the gossip
> protocol (yes, I understand it is not specified in fact). Auditors and gossip
> protocol are designed for solving precisely this case.

Well, please reply with the details of gossip. This blog post was simply a more formal way of restating an email I'd brought up on [trans] back in May. I pointed out back then that gossip was essential if this attack is to have any hope of being detected, and I am still waiting for those details.

> And, BTW, if we ask for more than one SCT in the cert as Ben does, the attack
> becomes much more difficult even for the perfect MITM.

Define "much more"? If we're dealing with "the perfect MITM", they might own one of the CAs, and then only need to send an NSL to another (or hack another). Not too difficult for "the perfect MITM".

Kind regards,
Greg Slepak

--
Please do not email me anything that you are not comfortable also sharing with the NSA.
_______________________________________________
therightkey mailing list
therightkey@ietf.org
https://www.ietf.org/mailman/listinfo/therightkey