[cryptography] Certificate Transparency: working code

Tom Ritter tom at ritter.vg
Fri Mar 2 11:32:58 EST 2012


On 1 March 2012 13:14, Thierry Moreau <thierry.moreau at connotech.com> wrote:
> May I ask a (maybe stupid) question?
>
> "... audit proofs will be valid indefinitely ..."
>
> Then what remains of the scheme's reputation once Mallory managed to inject a
> fraudulent certificate in whatever is being audited (It's called a "log" but
> I understand it as a grow-only repository)?

At the risk of espousing on something I didn't author while the
authors are present: CT doesn't address revocation (yet).  According
to the original doc, revocation will still be needed.  It posed the
idea similar to the DNSSEC Proof of Nonexistence where the CA will
publish a list of all revoked certs, sorted, updated every so often.
The server would then present, or the client obtain somehow, this
list.  If the cert in question isn't in the list at the point it would
be (because it's sorted), it's still valid.

I don't know if this idea has changed; it was published before the
browser-pushed CRLs that Chrome is moving to were announced.  But yes,
revocation still needs to be addressed, somehow.  Auditing the log is
designed for finding the certificates that need revoking, hopefully
very quickly.

-tom
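
[Added example, not part of the original message and not code from the CT authors: a sketch of the sorted revocation list described above. It goes one step beyond the message by signing each adjacent pair of revoked serials, as DNSSEC NSEC records do, so a server can present one gap instead of the whole list. All function names, the epoch counter, the serial numbers and the HMAC stand-in for the CA signature are assumptions.]

```python
import bisect
import hashlib
import hmac

# Constructed demo values. HMAC stands in for the CA's public-key signature
# so the example runs with the standard library only (assumption).
CA_KEY = b"constructed-demo-key"
MIN_SERIAL, MAX_SERIAL = -1, 2**160  # sentinels outside the valid serial range


def _sign(lo, hi, epoch):
    msg = f"{epoch}|{lo}|{hi}".encode()
    return hmac.new(CA_KEY, msg, hashlib.sha256).hexdigest()


def publish(revoked, epoch):
    """CA side: sort the revoked serials and sign every adjacent pair (gap)."""
    bounds = [MIN_SERIAL] + sorted(set(revoked)) + [MAX_SERIAL]
    return [(lo, hi, _sign(lo, hi, epoch)) for lo, hi in zip(bounds, bounds[1:])]


def gap_for(gaps, serial):
    """Server side: find the signed gap around serial; None if it is revoked."""
    i = bisect.bisect_right([g[0] for g in gaps], serial) - 1
    return None if gaps[i][0] == serial else gaps[i]


def verify_not_revoked(serial, proof, epoch):
    """Client side: accept only an authentic, current gap that contains serial."""
    if proof is None:
        return False
    lo, hi, sig = proof
    if not hmac.compare_digest(sig, _sign(lo, hi, epoch)):
        return False  # altered bounds, or a gap signed for another epoch
    return lo < serial < hi  # strict: equal to a bound means "revoked"


if __name__ == "__main__":
    gaps = publish([1001, 2048, 77], epoch=5)  # constructed serial numbers
    print(verify_not_revoked(1500, gap_for(gaps, 1500), epoch=5))  # not revoked
    print(verify_not_revoked(2048, gap_for(gaps, 2048), epoch=5))  # revoked
```

[Binding the epoch into each signature is what makes "updated every so often" matter: a gap signed before a serial was revoked fails verification against the current epoch.]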


