Let's break this down. In what way is suppression of a previously enrolled certificate different to not enrolling the certificate at all?
The only ones I can see are that it means that 1) the CA is off the hook, they fulfilled their duties, and 2) the fact that suppression has occurred is visible. CT relies on there being some feedback mechanism to detect unenrolled certs; the same would apply to suppressed certs.

So let us imagine that a government coerces a CA to issue a bogus cert and then coerces a notary to suppress it. What next? Well, first off, anyone who has a copy of that cert taken from the repository before the suppression is going to take a hard look at it. So the chance of people being aware of the suppression and working out the reason for it is essentially 99%.

A person formerly very senior in NSA told me that the governing paradigm post-Snowden was 'NOBUS': Nobody but us. Sure, they might want to perform this type of attack if they think they can get away with it, but they won't do things that are liable to get caught.

On Wed, Nov 16, 2016 at 6:48 AM, Ben Laurie <[email protected]> wrote:
> On 16 November 2016 at 11:39, Paul Wouters <[email protected]> wrote:
> > On Wed, 16 Nov 2016, Ben Laurie wrote:
> >
> > (no hats on)
> >
> >> On 16 November 2016 at 03:46, Paul Wouters <[email protected]> wrote:
> >>>
> >>> How can I as log consumer detect the difference between the log removing
> >>> illegal content and the log being compelled by a government to hide a
> >>> rogue certificate?
> >>
> >>
> >> Court orders are court orders. That issue is not in the log's domain.
> >
> >
> > It was an example. The core issue is, how can a consumer determine the
> > log censored itself with a valid reason, versus an attack, compromise,
> > having been compelled, or for financial gain or any other invalid reason?
> >
> > Using a hash of a removed cert won't allow anyone to verify the reason
> > for removal. And clearly the content cannot remain there either. It's
> > a catch-22.
>
> This is why the redaction reason entry exists, so that there _is_
> something to reason about. If you (a consumer) are unconvinced by the
> reason, well, there are public fora where you can voice your concerns.
>
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
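The two claims argued over above, that suppression of an enrolled entry is visible to anyone who cached it, and that a bare hash of the removed entry lets an outsider verify neither the content nor the reason, can be made concrete with a small Merkle-log model. The following is an added example written for this page; it is not code from the thread, from any CT log, or from the redaction draft under discussion. It uses the RFC 6962 Merkle tree hash (0x00 leaf prefix, 0x01 node prefix) and the RFC 9162 inclusion-proof check, which are real; the "redaction entry" byte layout, the four constructed entries standing in for certificates, and the reason string are assumptions made up for the example.

```python
import hashlib
from typing import Dict, List

# RFC 6962 / RFC 9162 Merkle tree hashing: 0x00 prefix for leaves, 0x01 for interior nodes.
def leaf_hash(entry: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + entry).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def _split(n: int) -> int:
    """Largest power of two strictly less than n (the k of RFC 6962 section 2.1)."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k

def merkle_root(hashes: List[bytes]) -> bytes:
    """Merkle Tree Hash over a list of leaf hashes (the tree head a log signs)."""
    if not hashes:
        return hashlib.sha256(b"").digest()
    if len(hashes) == 1:
        return hashes[0]
    k = _split(len(hashes))
    return node_hash(merkle_root(hashes[:k]), merkle_root(hashes[k:]))

def inclusion_proof(hashes: List[bytes], index: int) -> List[bytes]:
    """Audit path for the leaf at `index` (RFC 6962 PATH)."""
    if len(hashes) == 1:
        return []
    k = _split(len(hashes))
    if index < k:
        return inclusion_proof(hashes[:k], index) + [merkle_root(hashes[k:])]
    return inclusion_proof(hashes[k:], index - k) + [merkle_root(hashes[:k])]

def verify_inclusion(leaf: bytes, index: int, size: int, proof: List[bytes], root: bytes) -> bool:
    """RFC 9162 section 2.1.3.2: recompute the root from a leaf hash and its audit path."""
    if index >= size:
        return False
    fn, sn, r = index, size - 1, leaf
    for p in proof:
        if sn == 0:
            return False
        if fn & 1 or fn == sn:
            r = node_hash(p, r)
            if not fn & 1:
                while fn != 0 and not fn & 1:
                    fn >>= 1
                    sn >>= 1
        else:
            r = node_hash(r, p)
        fn >>= 1
        sn >>= 1
    return sn == 0 and r == root

def is_append_only_extension(old_root: bytes, old_size: int, new_hashes: List[bytes]) -> bool:
    """Monitor's check, assuming it holds every leaf: the first old_size leaves of the
    new tree must still hash to the old tree head. True CT uses a consistency proof
    for this; recomputing over all leaves gives the same answer."""
    return len(new_hashes) >= old_size and merkle_root(new_hashes[:old_size]) == old_root

def redaction_entry(entry: bytes, reason: bytes) -> bytes:
    """Assumed stand-in for a 'redaction reason entry': hash of the removed entry plus a
    reason. The layout is invented for this example, not a CT wire format."""
    return b"redacted:" + hashlib.sha256(entry).hexdigest().encode() + b":" + reason

# Constructed entries standing in for certificates; no real CA or log is involved.
ORIGINAL_ENTRIES = [
    b"cert:CN=alpha.example,serial=1001",
    b"cert:CN=bravo.example,serial=1002",
    b"cert:CN=mail.example,serial=1003",   # the bogus cert that later gets suppressed
    b"cert:CN=delta.example,serial=1004",
]
SUPPRESSED_INDEX = 2

def run_scenario(reason: bytes = b"court order 2016-123") -> Dict[str, object]:
    # Before suppression: a consumer fetches entry 2, its audit path and the tree head.
    old_hashes = [leaf_hash(e) for e in ORIGINAL_ENTRIES]
    old_root = merkle_root(old_hashes)
    cached_entry = ORIGINAL_ENTRIES[SUPPRESSED_INDEX]
    cached_proof = inclusion_proof(old_hashes, SUPPRESSED_INDEX)

    # After suppression: same tree size, leaf 2 swapped for a redaction entry.
    new_entries = list(ORIGINAL_ENTRIES)
    new_entries[SUPPRESSED_INDEX] = redaction_entry(cached_entry, reason)
    new_hashes = [leaf_hash(e) for e in new_entries]
    new_root = merkle_root(new_hashes)

    n = len(ORIGINAL_ENTRIES)
    return {
        # The cached proof still verifies against the tree head issued before suppression...
        "old_proof_ok": verify_inclusion(leaf_hash(cached_entry), SUPPRESSED_INDEX, n, cached_proof, old_root),
        # ...but not against the new one: a log that rewrote a leaf cannot satisfy both.
        "old_proof_vs_new_root": verify_inclusion(leaf_hash(cached_entry), SUPPRESSED_INDEX, n, cached_proof, new_root),
        # Two tree heads of equal size with different roots are direct evidence of a rewrite.
        "roots_differ": old_root != new_root,
        "append_only": is_append_only_extension(old_root, n, new_hashes),
        # Whoever cached the cert can match the redaction hash and knows exactly which cert went.
        "redaction_matches_cache": hashlib.sha256(cached_entry).hexdigest().encode() in new_entries[SUPPRESSED_INDEX],
        # The stated reason is all an outsider holding only the hash has to reason about.
        "redaction_reason": new_entries[SUPPRESSED_INDEX].split(b":", 2)[2],
    }

if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value!r}")
```

The point the model makes is the one argued above: once a cached audit path and the pre-suppression tree head exist, the suppression is provable to anyone who holds them, and the redaction hash tells that person which entry was removed; someone who never saw the entry learns only that something was removed and what the log says the reason was.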
