Tao Effect <[email protected]> wrote Sat, 27 Sep 2014 14:47:24 -0700:
| On Sep 27, 2014, at 2:03 PM, Love Hörnquist Åstrand <[email protected]> wrote:
|
| > So how do you keep the log honest and stop it from not adding the
| > SCT to the log ?
| >
| > Well, by using gossip about the logs.
|
| Sorry, don't quite understand what you're saying here...
|
| Both SCTs (legitimate and otherwise) will happily be accepted by any
| log. Gossip won't help clients detect fraudulent certs issued by rogue
| CAs (as explained in the "Threat model" thread).

This is hard to follow. SCTs are not added to nor accepted by logs. They are the response to a log submission. An SCT is a promise from a log that a given certificate will be included in said log within some time.

Detection of fraudulent certs is done by the particular type of CT client called a monitor.

Successful gossiping will help detect logs presenting different views to different clients, among them monitors. This includes malicious log operators as well as attackers able to mount man-in-the-middle (or man-on-the-side) attacks who are also able to sign as the log (for example by having a copy of the log's private key).

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
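The distinction drawn in the reply above (an SCT is the log's signed response to a submission, a monitor is what catches mis-issued certificates, and gossip is what catches a log serving different tree heads to different clients) is easier to see in a small model. The following is an added example, not code from this thread, from the IETF trans working group, or from any real CT implementation. It assumes an RFC 6962 style Merkle tree hash, a toy `Log` class whose signature is an HMAC with a per-log secret standing in for a real log's ECDSA signature, and constructed certificate entries of the form `subject;issuer`; all of those are assumptions made for an offline demonstration.

```python
import hashlib
import hmac

# Constructed toy model of the CT roles discussed on the list: a log that issues
# SCTs and signs tree heads, a monitor that scans entries, and gossiping clients
# that compare the tree heads they were shown. The "signature" is an HMAC with a
# per-log secret standing in for a real log's ECDSA signature (assumption).


def _leaf_hash(data: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + data).digest()


def _node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()


def merkle_root(leaves: list) -> bytes:
    """RFC 6962 Merkle Tree Hash: split at the largest power of two smaller than n."""
    n = len(leaves)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return _leaf_hash(leaves[0])
    k = 1
    while k * 2 < n:
        k *= 2
    return _node_hash(merkle_root(leaves[:k]), merkle_root(leaves[k:]))


class Log:
    """A CT log: answers submissions with SCTs, incorporates entries later, signs tree heads."""

    def __init__(self, log_id: str, key: bytes):
        self.log_id = log_id
        self._key = key
        self.entries = []  # incorporated entries (the Merkle tree leaves)
        self.pending = []  # submitted and promised, not yet incorporated

    def _sign(self, fields: dict) -> str:
        msg = "|".join(f"{k}={fields[k]}" for k in sorted(fields)).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def verify(self, signed: dict) -> bool:
        body = {k: v for k, v in signed.items() if k != "signature"}
        return hmac.compare_digest(self._sign(body), signed["signature"])

    def submit(self, cert: bytes, timestamp: int) -> dict:
        """Return an SCT: the log's signed promise to include `cert` within its MMD.
        The SCT is the log's response; the certificate is what gets added."""
        self.pending.append(cert)
        sct = {"log_id": self.log_id, "timestamp": timestamp,
               "cert_sha256": hashlib.sha256(cert).hexdigest()}
        sct["signature"] = self._sign(sct)
        return sct

    def incorporate(self) -> None:
        self.entries.extend(self.pending)
        self.pending.clear()

    def sth(self, view=None) -> dict:
        """Signed tree head. A dishonest operator (or anyone holding the key) can
        pass a different `view` to different clients; that is the split view."""
        leaves = self.entries if view is None else view
        sth = {"log_id": self.log_id, "tree_size": len(leaves),
               "root_hash": merkle_root(leaves).hex()}
        sth["signature"] = self._sign(sth)
        return sth


def gossip_split_views(log: Log, observed: dict) -> list:
    """Compare STHs that different clients observed for the same log. Two validly
    signed STHs with the same tree_size but different root hashes prove a split
    view. Returns a list of (tree_size, first_client, conflicting_client)."""
    conflicts = []
    seen = {}  # tree_size -> (client, root_hash)
    for client, sth in observed.items():
        if sth["log_id"] != log.log_id or not log.verify(sth):
            continue  # not a statement signed as this log; nothing to hold it to
        size, root = sth["tree_size"], sth["root_hash"]
        if size in seen and seen[size][1] != root:
            conflicts.append((size, seen[size][0], client))
        seen.setdefault(size, (client, root))
    return conflicts


def monitor_unexpected_issuance(entries: list, domain: str, allowed_issuers: set) -> list:
    """A monitor's job: scan incorporated entries for certs naming `domain` from an
    issuer the domain owner did not authorise. Entries are constructed 'subject;issuer'."""
    flagged = []
    for cert in entries:
        subject, issuer = cert.decode().split(";")
        if subject == domain and issuer not in allowed_issuers:
            flagged.append(cert.decode())
    return flagged


def run_demo() -> dict:
    log = Log("toy-log-1", key=b"constructed-log-secret")
    good = b"example.com;GoodCA"
    rogue = b"example.com;RogueCA"  # constructed: mis-issued by a rogue CA
    sct_rogue = log.submit(rogue, timestamp=1411854444)
    log.submit(good, timestamp=1411854445)
    log.incorporate()

    honest_sth = log.sth()  # the view shown to the monitor
    hidden_sth = log.sth(view=[good, b"other.org;GoodCA"])  # the view shown to a browser
    conflicts = gossip_split_views(log, {"monitor": honest_sth, "browser": hidden_sth})
    return {
        "sct_valid": log.verify(sct_rogue),
        "flagged_by_monitor": monitor_unexpected_issuance(log.entries, "example.com", {"GoodCA"}),
        "split_view": conflicts,
    }
```

Running `run_demo()` shows the three points side by side: the rogue certificate gets a perfectly valid SCT (the log has no reason to refuse it), the monitor is what flags it as unexpected issuance for `example.com`, and gossip catches the log only because two clients compare the signed tree heads they were given and find two different roots for the same tree size. Real gossip protocols also compare tree heads of different sizes using consistency proofs, which this model omits.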
