@taoeffect @bascule clients reaching consensus about validity of an STH?
@taoeffect @ln4711 that's the worst case scenario. Best case attacking CA doesn't submit the cert to the logs and user deterred by warning
-
-
-
-
@taoeffect@ln4711 in the event of a misissued cert that isn't in the logs, browsers can show a scary address bar... -
@taoeffect@ln4711 ...that only helps in a world where everyone is using CT though -
-
@taoeffect@ln4711 then the target domain can detect it and prove misissuance -
-
@taoeffect@ln4711 so to misissue certs under CT, you just need to burn a CA? ;) - 5 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.