[cryptography] The Trouble with Certificate Transparency
James A. Donald
jamesd at echeque.com
Sat Sep 27 00:24:36 EDT 2014
I don't know how google proposes to do it. I don't find their
explanation entirely clear.
Here is how I would do it. It guarantees that everyone sees the same
information, and any attempt to tell two different stories immediately
There will be a mapping between strings and hashes, and you can look up
the 32 byte hash corresponding to a string.
The strings will be email addresses and the urls of websites.
The hash will be a hash of assertions about the website made by the
owner, the currently valid public keys of the website, and the past
history of changes in this information.
Updates take effect once a day or so. If you change this information,
you will not see the change for a day or so. Thus if you want to update
your key, first add an additional key. When that propagates, update
your website, then remove the old key.
There is a global hash that represents the root of a tree of all hashes,
and the past history of global hashes.
To prove that the value you just looked up is the same for everyone,
look at the chain of hashes connecting it to the root of the tree of all
To lie to you, to give one story to the owner, and a different story to
you, the global hash would have to be different for the owner and for you.
A lot of people observe the global hash, and its history. So you check
with one of them, to make sure you are seeing the same global hash as
they do, and they similarly check with each other.
More information about the cryptography