@ln4711 @taoeffect CT really needs to be ubiquitous for it to have the right UX for users i.e. show scary bar unless audit logs are present
@taoeffect @ln4711 then the target domain can detect it and prove misissuance
-
-
-
@taoeffect@ln4711 so to misissue certs under CT, you just need to burn a CA? ;) -
-
@taoeffect@ln4711 a CA has to provide undeniable proof they misissued a cert for it to be trusted… -
@bascule@ln4711 At this point, we are just emphatically agreeing on the best case scenario mentioned in:https://twitter.com/taoeffect/status/573199559725219840 … -
@taoeffect@ln4711 it solves fly-by-night misissuance. If misissuance is detected, a site can warn its users -
@taoeffect@ln4711 a site could also potentially get the misissued cert in e.g. Chrome CRLsets
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.