We need more eyeballs and brains on Certificate Transparency. Google is quietly signing up CAs based on false info: http://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/ …
-
-
@bascule Fairly certain same attack doesn’t affect blockchain systems. -
@taoeffect a MitM who controls what you see on the Internet can construct a false reality in either case -
@bascule Yes, but it is different in CT than it is in blockchains. See discussion in claim #2: http://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/ … -
@taoeffect I allege it’s the same thing and the difficulty of the attack is similar in both cases -
@bascule You can allege all you want, but I am convinced that is not true. CT doesn’t have a blockchain protected by PoW. -
@taoeffect PoW is unnecessary and inefficient -
@bascule Well, this too, is addressed in the post, see “wasted energy”: http://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/ … -
@taoeffect an attacker with the capabilities to pull off the attack you describe can just as easily confuse either system - 15 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.