The latest hoopla about the Bitcoin blockchain potentially containing small amounts of "illegal data", is a good opportunity for early career security researcher to write a tool to insert and retrieve arbitrary data from certificate transparency logs.
Easy w/ @letsencrypt
-
Show this thread
-
Most obvious way to do it is via the DNS name; more clever would be to encode data in the pubkey. Might be other fields as well that you can use.
2 replies 2 retweets 13 likesShow this thread -
If the relevant CT log authorities are crazy enough to delete the data (specifically, make it not available to the public), it immediately destroys the entire auditability of CT. For CT this is actually an easily avoidable problem: they could have used a merklized k:v index.
1 reply 1 retweet 7 likesShow this thread -
W/ that design, you can selectively delete and only destroy the auditability of the CT chain for *some* domain names.
2 replies 1 retweet 7 likesShow this thread
That doesn't work. Clients would still need to distrust entire map as soon as deletion is discovered, to avoid relying on false assertions that certificate is logged.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.