Certificate Transparency Hack Day

Nicholas Bohm nbohm at ernest.net
Sun Aug 4 10:52:02 BST 2013


On 03/08/2013 14:48, Ben Laurie wrote:
> On 19 July 2013 19:25, Nicholas Bohm <nbohm at ernest.net> wrote:
>> On 19/07/2013 19:08, Peter Fairbrother wrote:
>>> On 19/07/13 11:31, Ben Laurie wrote:
>>>> The Certificate Transparency team
>>> What exactly is Certificate Transparency? I'm thinking it has
>>> something to do with the little padlocks on browsers, but ..
>> I didn't understand it either; but then I didn't expect to.
>>
>> (I think it's to do with being able to tell whether the certificate used
>> by a site is the one you'd expect, so as to help detect MITM attacks.)
>>
>> But I think it's clear you ought to go and find out (balloons or no
>> balloons), and maybe explain to us all.
> By the way, we updated the website, hopefully it makes it clearer:
> http://www.certificate-transparency.org/
>

Thank you; I think it does.

As it achieves adoption, it will increasingly mitigate risks of relying
on an improperly issued certificate.  Some of it relies on
browser-vendors issuing updates to remove untrustworthy CAs from users'
browsers, and on users being set up to receive and implement updates; or
on users having some way of learning which CAs they would be wise to
remove themselves.

It therefore addresses some significant flaws in the current system. 
Just to put it in context, however, it needs to be viewed in the light
of the very limited reliance that a user can wisely place on a genuine
certificate.  The CA business model (inevitably) rewards the CA that
does the least checking of those to whom it issues certificates, and
that allows the least liability exposure to those who suffer by relying
on a certificate.  One way of describing this is to say that the margin
of trustworthiness conveyed by a genuine certificate as compared with a false
one is as small as the issuing CA can get away with making it.  This I
find altogether a more fundamental problem than those which Certificate
Transparency is aiming to address.  That is no criticism of CT, which
seems to me admirable.  But it is relevant background for taking a view
about how much better it will make the system as a whole.

Nick
-- 
Contact and PGP key here <http://www.ernest.net/contact/index.htm>



More information about the ukcrypto mailing list