On 27 March 2015 at 19:28, Tao Effect <[email protected]> wrote: > We've posted a followup blog post: > > *Certificate Transparency’s improved gossip protocols show promise* > > > https://blog.okturtles.com/2015/03/certificate-transparencys-improved-gossip-protocols-show-promise/ > > I also updated our previous blog post to make a note of this new > information. > > Great work folks. [image: 👍] >
Cool! I'll add a note: one of the optimizations/tricks we noted while composing was that a server may actually detect a misbehaving log that it _doesn't_ trust. Ordinarily we'd discard any such data (because of the aforementioned problems with DoS and such) - but by looking at the submitted certificate, and checking if it chains to a root cert in the store you recognize, you may decide "Actually this one is interesting enough to keep." (Still some DoS concerns there, but a trick servers have the opportunity to work with nonetheless.) -tom
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
