Dear Linus,

Thanks for starting this thread on Gossip!

> It's been suggested that web browsers should use TLS connections to web
> servers for gossiping. One argument for that is that this makes the
> attack of blocking the gossiping messages hard to get away with without
> people noticing because it means blocking TLS to all servers
> participating.

I just want to point out that successful gossip does not protect clients against MITM from mis-issued certificates. It also does not detect mis-issued certificates.

The selective partitioning of a log is one attack, but the standard attack that we have today, which doesn't require partitioning of a log, is not detected by CT's gossip as elaborated on in the "Threat model outline, attack model" thread, here (and in followup replies):

http://www.ietf.org/mail-archive/web/trans/current/msg00588.html

Kind regards,
Greg Slepak

--
Please do not email me anything that you are not comfortable also sharing with the NSA.
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
