On Wed, 15 Jun 2016 10:00:27 +0100 Ben Laurie <[email protected]> wrote:
> On 10 June 2016 at 15:16, Rob Stradling <[email protected]>
> wrote:
> > I think it's fair enough to say that if you withhold information
> > from CT, CT won't help you as much as it otherwise would have done.
> >
> > I see the attraction of replacing "redacted labels not with '?' but
> > with a salted cryptographic hash of the label, with the salt
> > specified in the Redacted Labels Certificate Extension", but I'd
> > prefer to avoid increasing complexity.
>
> I also like this suggestion. It does have the obvious downside that
> dictionary attacks work, though they can be made expensive.

A sufficiently-long random salt makes dictionary attacks infeasible.
Since the salt is only specified in the certificate, anyone who knows
the salt knows the unredacted labels already.

Regards,
Andrew

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
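The salted-hash redaction discussed in this message, as an added Python example that is not part of the original e-mail or of any trans draft. It compares guessing a redacted label with the salt known, with the salt unknown, and with no salt. The construction (SHA-256 over salt || label, truncated to 32 hex characters), the 16-byte salt length, the function names, and the sample name and guess list are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SALT_BYTES = 16   # assumed; the thread only asks for a "sufficiently-long" salt
DIGEST_HEX = 32   # assumed truncation so the result fits a 63-octet DNS label


def redact_label(label: str, salt: bytes) -> str:
    """Assumed construction: hex(SHA-256(salt || label)), truncated."""
    data = salt + label.lower().encode("ascii")
    return hashlib.sha256(data).hexdigest()[:DIGEST_HEX]


def redact_name(name: str, salt: bytes, keep: int = 2) -> str:
    """Hash every label to the left of the rightmost `keep` labels."""
    labels = name.split(".")
    hidden, public = labels[:-keep], labels[-keep:]
    return ".".join([redact_label(l, salt) for l in hidden] + public)


def matches(logged: str, candidate: str, salt: bytes) -> bool:
    """Check a full name against a logged redacted name under a given salt."""
    return hmac.compare_digest(logged, redact_name(candidate, salt))


def guesses_that_match(logged: str, words, base: str, salt: bytes) -> list:
    """Single-label guesses that reproduce the logged name under `salt`."""
    return [w for w in words if matches(logged, f"{w}.{base}", salt)]


if __name__ == "__main__":
    words = ["www", "mail", "payroll", "vpn"]          # constructed guess list
    salt = secrets.token_bytes(SALT_BYTES)             # carried in the certificate
    logged = redact_name("payroll.example.com", salt)  # what a log observer sees
    print("logged name: ", logged)
    # Salt known (the observer also holds the certificate): guessing succeeds.
    print("salt known:  ", guesses_that_match(logged, words, "example.com", salt))
    # Salt unknown: the observer would have to guess the salt too; nothing matches.
    other = secrets.token_bytes(SALT_BYTES)
    print("salt unknown:", guesses_that_match(logged, words, "example.com", other))
    # No salt at all: any observer can test guesses directly.
    bare = redact_name("payroll.example.com", b"")
    print("no salt:     ", guesses_that_match(bare, words, "example.com", b""))
```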
