[cryptography] fyi: Sovereign Keys: an EFF proposal for more secure TLS authentication

Adam Back adam at cypherspace.org
Sat Nov 26 17:43:08 EST 2011


I only skimmed the high level but I presume they would be using a merkle
hash-tree and time-stamp server or something like that so it cant revise its
story later and its current state can be audited by anyone against its
advertised information.

Adam

On Sat, Nov 26, 2011 at 11:36:11PM +1100, ianG wrote:
>
>>https://eff.org/sovereign-keys
>>
>>On that page you can find links to a high level overview and 
>>detailed design
>>docs.  The design has a number of nice features, including very strong
>>resistance to server impersonation attacks and automatic failover 
>>to secure
>>routing methods (ideally, Tor hidden services) when server impersonation
>>occurrs.
>
>As far as I can see, this is a third party repository for the keys.  
>Which claims to reliabily deliver the keys on request?
>
>Is that it?
>
>iang
>_______________________________________________
>cryptography mailing list
>cryptography at randombit.net
>http://lists.randombit.net/mailman/listinfo/cryptography



More information about the cryptography mailing list