Tao Effect <[email protected]> wrote Sat, 27 Sep 2014 16:10:35 -0700:

| Paul Wouters brought up the idea of sharing certs on [metzdowd], and I guess that's the same thing as gossiping SCTs, right?

That's not how I read that. The suggestion seems to be sharing information about seeing two different certificates with the same CN within some period of time. That's not what an SCT carries.

| > The more information shared, the better detection we seem to get. But
| > sharing information has privacy implications. It seems to me that
| > sharing STH's is much less problematic than sharing SCT's.
|
| Why do you think sharing SCTs is problematic, and what privacy implications does it pose?
|
| If the SCTs are shared over an encrypted connection, only the server, the client, and the potential MITM will know about them.

The fear is that the web server would get a good idea about what sites the client has visited. If clients would gossip sufficiently about _other_ clients' SCTs _and_ there would be no way of linking an SCT to a given client, this might be less of a problem. Can we do this?

| Any time a cert changes, the client would tell the server about that change over the established TLS connection.
|
| When the MITM leaves, the server would find out that a fraudulent cert had been generated for their website, and could then identify the CA responsible.

Here is the cert change again. I'll leave it to others to explain more about that idea. Sounds interesting.

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
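As an added illustration of the STH-versus-SCT point above (example code, not from the thread or any CT implementation): an STH gossiped between clients carries only a log identity, tree size, timestamp and root hash, so comparing gossiped STHs can expose a log showing different trees to different clients without revealing which sites anyone visited. The log id, leaf contents and timestamps below are constructed sample values.

```python
import hashlib
from collections import defaultdict

def mth(leaves):
    """RFC 6962 Merkle Tree Hash: leaf = SHA256(0x00||data), node = SHA256(0x01||left||right)."""
    n = len(leaves)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return hashlib.sha256(b"\x00" + leaves[0]).digest()
    k = 1                      # largest power of two strictly less than n
    while k * 2 < n:
        k *= 2
    return hashlib.sha256(b"\x01" + mth(leaves[:k]) + mth(leaves[k:])).digest()

def make_sth(log_id, leaves, timestamp_ms):
    """The (unsigned) tree head a client would gossip; nothing in it names a certificate or site."""
    return {"log_id": log_id, "tree_size": len(leaves),
            "timestamp": timestamp_ms, "root_hash": mth(leaves)}

def find_split_views(gossiped_sths):
    """Return (log_id, tree_size) pairs for which peers reported different root hashes."""
    roots = defaultdict(set)
    for sth in gossiped_sths:
        roots[(sth["log_id"], sth["tree_size"])].add(sth["root_hash"])
    return sorted(key for key, seen in roots.items() if len(seen) > 1)

# Constructed scenario: one client sees the honest tree, another is shown a tree in
# which the third entry was swapped for a fraudulent certificate of the same size.
LOG_ID = hashlib.sha256(b"example-log").digest()      # constructed, not a real log id
HONEST_LEAVES = [b"cert-A", b"cert-B", b"cert-C"]
SPLIT_LEAVES = [b"cert-A", b"cert-B", b"cert-FRAUD"]
STH_CLIENT_1 = make_sth(LOG_ID, HONEST_LEAVES, 1411859435000)
STH_CLIENT_2 = make_sth(LOG_ID, SPLIT_LEAVES, 1411859436000)

if __name__ == "__main__":
    print(find_split_views([STH_CLIENT_1, STH_CLIENT_2]))   # [(LOG_ID, 3)]
```

The gossiped records compared here contain no certificate, so a peer learns only which logs the other client trusts, whereas an SCT is bound to one certificate and therefore to one site.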
