On Sep 28, 2014, at 10:01 AM, Tao Effect <[email protected]> wrote:
> 
>> There is no need for clients to cooperate with 1000 logs.
> 
> 
> Well, if they want to know for certain that they weren't MITM'd, they're 
> going to have to search up to 1000 logs (or several hundred, whatever the 
> number happens to be).

Erm, sorry, not "for certain", because even if they did scan those logs for 
inappropriate certs, that still won't tell them whether or not the certificate 
is fraudulent for two reasons:

1. Only the website owner determines whether the certificate is actually 
fraudulent. Clients cannot determine this with CT, no matter how much gossip 
they do, nor how many logs they query.

2. Similar to #1 but not identical is the possibility that a revoked 
certificate was used to MITM.

Kind regards,
Greg Slepak

--
Please do not email me anything that you are not comfortable also sharing with 
the NSA.

On Sep 28, 2014, at 10:01 AM, Tao Effect <[email protected]> wrote:

> Dear Ralph,
> 
> On Sep 28, 2014, at 5:17 AM, Ralph Holz <[email protected]> wrote:
> 
>> The latter factor gives huge leeway in the number of certs accepted by
>> browsers as root certs. But however you look at it, the number of such
>> certs will be comfortably below 1000 - anything from the 150+ root certs
>> in the Mozilla store up to a few hundred.
> 
> Thanks for clarifying some of this!
> 
> This is just Mozilla, however. Even if we go by your numbers, we still need 
> to do a union on the certs accepted by other browsers, and other operating 
> systems.
> 
> Do you happen to have numbers for that too?
> 
>> Just requiring, say, 3 SCTs in a handshake
>> would already result in considerable work for the attacker
> 
> Yes, I think that would improve things.
> 
>> (I know the current number is 2, though).
> 
> 
> The current number is 1 according to the most recent version of the RFC I 
> could find (bis-04):
> 
> https://raw.githubusercontent.com/google/certificate-transparency-rfcs/master/draft-ietf-trans-rfc6962-bis-04.txt
> 
>> There is no need for clients to cooperate with 1000 logs.
> 
> 
> Well, if they want to know for certain that they weren't MITM'd, they're 
> going to have to search up to 1000 logs (or several hundred, whatever the 
> number happens to be).
> 
> Kind regards,
> Greg Slepak
> 
> --
> Please do not email me anything that you are not comfortable also sharing 
> with the NSA.
> 
> _______________________________________________
> Trans mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/trans

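To make the "how many SCTs should a handshake carry" point from Ralph's and Greg's exchange concrete, here is an added example (mine, not code from the thread or from any CT implementation) that decodes an RFC 6962 SignedCertificateTimestampList and checks how many distinct logs vouched for the certificate, so that two SCTs from the same log do not count as two. The sample SCT bytes are constructed with dummy log IDs and signatures, and verifying the SCT signatures against log keys is assumed to happen elsewhere.

```python
import struct

SCT_V1 = 0  # RFC 6962 SCT version byte

def parse_sct(data: bytes) -> dict:
    """Decode one RFC 6962 v1 SCT; the signature is returned, not verified here."""
    if len(data) < 41 or data[0] != SCT_V1:
        raise ValueError("truncated SCT or unsupported version")
    log_id, (timestamp_ms,) = data[1:33], struct.unpack(">Q", data[33:41])
    (ext_len,) = struct.unpack(">H", data[41:43])
    off = 43 + ext_len                      # start of the digitally-signed struct
    hash_alg, sig_alg = data[off], data[off + 1]
    (sig_len,) = struct.unpack(">H", data[off + 2:off + 4])
    if off + 4 + sig_len != len(data):
        raise ValueError("SCT length mismatch")
    return {"log_id": log_id, "timestamp_ms": timestamp_ms, "extensions": data[43:off],
            "hash_alg": hash_alg, "sig_alg": sig_alg, "signature": data[off + 4:]}

def parse_sct_list(blob: bytes) -> list:
    """Decode a SignedCertificateTimestampList: u16 total length, then u16-prefixed SCTs."""
    (total,) = struct.unpack(">H", blob[:2])
    if total != len(blob) - 2:
        raise ValueError("SCT list length does not match payload")
    scts, off = [], 2
    while off < len(blob):
        (n,) = struct.unpack(">H", blob[off:off + 2])
        scts.append(parse_sct(blob[off + 2:off + 2 + n]))
        off += 2 + n
    return scts

def count_distinct_logs(blob: bytes) -> int:
    """Two SCTs from the same log count once: the policy is about independent logs."""
    return len({s["log_id"] for s in parse_sct_list(blob)})

def meets_sct_policy(blob: bytes, min_distinct_logs: int) -> bool:
    """True if the SCT list carries SCTs from at least min_distinct_logs distinct logs."""
    try:
        return count_distinct_logs(blob) >= min_distinct_logs
    except (ValueError, struct.error, IndexError):
        return False  # a malformed SCT list never satisfies the policy
# Constructed sample data (dummy log IDs and signatures) so the module runs stand-alone.
def build_sct(log_id: bytes, timestamp_ms: int, signature: bytes) -> bytes:
    return (bytes([SCT_V1]) + log_id + struct.pack(">Q", timestamp_ms) + struct.pack(">H", 0)
            + bytes([4, 3]) + struct.pack(">H", len(signature)) + signature)  # sha256, ecdsa
def build_sct_list(scts: list) -> bytes:
    body = b"".join(struct.pack(">H", len(s)) + s for s in scts)
    return struct.pack(">H", len(body)) + body

LOG_A, LOG_B = bytes([0xAA]) * 32, bytes([0xBB]) * 32
SAMPLE_SCT_LIST = build_sct_list([build_sct(log, 1411898460000 + i, b"\x30\x00")
                                  for i, log in enumerate([LOG_A, LOG_A, LOG_B])])
```

With the sample list, a policy of one SCT (the bis-04 minimum) is met, but a three-distinct-logs policy is not, even though three SCTs are present.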