> On 16 May 2016, at 11:22, Viktor Dukhovni <[email protected]> wrote:
>
> The only "solutions" are EV, which fails to scale, or CT which only
> provides forensic evidence after the fact. The latter might deter
> attackers who are reluctant to leave a trail of evidence of their
> activity, though in practice all one learns is which CA got fooled,
> not who did it. If the CA was not negligent or complicit, there's
> little recourse. One learns of the existence of MiTM, but not
> who's behind it.

Which is exactly the reason why I've repeatedly pushed for an extensible feedback mechanism in the related reporting draft. ...

Aaron

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
