by matthew9219 1116 days ago
The example I gave was a router or gaming system updating itself (e.g. using curl), not a full browser. Don't strawman please - if my argument is as weak as you say, you shouldn't need to.

I want a version of Web PKI strong enough that I can turn off my tablet for a year, turn it back on in a coffee shop, apply automatic updates, and not have my web traffic monitored, even if I'm gay and the coffee shop is in Saudi Arabia.

From what I can see, DNSSEC+CAA+.com+US CA+US hosting for the Android update server does the trick. No version of CT does.

1 comments

The Play Store has cert pinning, so this all works just fine in the scenario you're describing.

Web PKI so strong that we recommend not using it for critical scenarios... /s

It's late and I maybe haven't been super constructive here, but I think when you try to write out the actual assumptions behind CT as the whole solution, you realize you've got something that mostly works assuming assuming assuming - and worse, we'll never do any better, because those assumptions are fundamental technical limits. DNSSEC may be ugly but at least its problems (like validators failing open) are just deployment issues, not fundamental technical issues.

I'm sick and tired of using technologies that provide security or correctness subject to a long list of preconditions and ways for folks to tell me I'm using it wrong. To build secure systems, we need technology that provides correct security without so many asterisks and so much fine print.

The whole premise of your argument about set-top boxes and CT was refuted, and you've used that as evidence that you were right all along.

Do you believe CT protects set-top boxes against surveillance from nation state actors who compromise your router? Yes or no, if you don't answer, you're not engaging in good faith.

Nobody's ever going to continue discussing things with you when you end your comments with barbs like "if you don't answer, you're not engaging in good faith."