[cryptography] The Trouble with Certificate Transparency

Greg greg at kinostudios.com
Wed Sep 24 14:17:28 EDT 2014

This post explains how undetected MITM attacks still remain possible even if Google's Certificate Transparency (CT) becomes widely deployed, and it dissects many of Google's false and misleading claims about it.

Many thanks go to Zaki (@zmanian), Simon (@simondlr) and others to reviewing it prior to publication:


Kind regards,

Please do not email me anything that you are not comfortable also sharing with the NSA.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140924/775a3a53/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140924/775a3a53/attachment.asc>

More information about the cryptography mailing list