hmmmmm
Conversation
this seems like a weird capitulation to me, afaik they haven't done any blockchain stuff before this?
3
15
Replying to
probably been some internal research work done, but only other blockchain related things I can recall are the BQ datasets
1
2
If centralized databases can be considered blockchains then Certificate Transparency is close enough.
Chromium doesn't enforce inclusion via Merkle audit proofs to avoid leaking browsing history though. It enforces signed timestamps. It doesn't seem like they care to solve it.
speaking of CT, I'm surprised we haven't seen the team put out a smart contract based monitor or log service, maybe that is something that will come out of this new division (if real)
1
1
It would be nice if they followed through on what they originally proposed by figuring out some cryptography for clients to privately enforce that certificates were actually logged. They ended up being too content with SCTs from 1 Google log and 1 Google-approved non-Google log.
1
rfc-editor.org/rfc/rfc6962.ht
> Clients can instead request the proof from a trusted auditor (since anyone can compute the audit proofs from the log) or request Merkle proofs for a batch of certificates around the SCT timestamp.
Meanwhile:
trac.ietf.org/trac/trans/tic
Not great anyway.
1