[cryptography] Certificate Transparency: working code
James A. Donald
jamesd at echeque.com
Thu Mar 1 17:01:05 EST 2012
On 2012-03-02 7:14 AM, Thierry Moreau wrote:
> Then what remains of the scheme reputation once Mallory managed to
> inject a fraudulent certificate in whatever is being audited (It's
> called a "log" but I understand it as a grow-only repository)?
Suppose an Iranian CA were to issue certificate for a US site. The US
site would readily discover it, causing such grave embarrassment for the
Iranian CA that they would probably refrain.
More information about the cryptography