.@BRIAN_____ CT doesn’t tell sysadmins of all fraudulent issued certificates, even when they choose to monitor. https://moderncrypto.org/mail-archive/messaging/2014/000678.html …
@taoeffect It doesn't matter, as long as the clients trust only certificates for which they have a valid CT proof, which is the end goal.
-
-
@BRIAN_____ It does matter. A valid CT proof != MITM-free connection. Undetected MITM still possible with CT.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.