[cabfpub] Upcoming changes to Google Chrome's certificatehandling

Phillip Hallam-Baker philliph at comodo.com
Tue Nov 12 19:18:37 UTC 2013


>On 12 November 2013 16:44, Phillip Hallam-Baker <philliph at comodo.com> wrote:
>> I can provide several ways to do Gossip that are completely solid with
>> respect to my security metric of a social work factor over time. I introduce
>> the concept here:
>>
>> http://tools.ietf.org/html/draft-hallambaker-prismproof-trust-00
>>
>> What I cannot do is to provide a mechanism to allow a stand alone client to
>> evaluate the Gossip traffic and use the output of the evaluation to gate
>> certificate acceptance.

>That is not the purpose of gossip in CT. Its purpose is to reveal any
>attempts to fork a log.

Why is it a problem to fork a log?

It seems to me that forking a log is a great thing, the more independent logs we have the better. Grounding each log in another log 
is the purpose of Gossip.

I think that what you are calling forking the log is an authenticity attack on the log or the log maintainer presenting different 
logs to different parties.

Which are the attacks I am looking to defeat. 




More information about the Public mailing list