|
|
|
|
|
|
by itistoday2
4131 days ago
|
|
|
Certificate Transparency does little to solve this problem. It doesn't stop MITM attacks. It might have a chance of helping a small number of companies that have the resources to monitor all logs, but that's after the attack and only if all relevant CAs are participating in the system. It gives ordinary users nothing and requires sysadmins to go to extreme lengths. Most websites are unlikely to benefit: https://blog.okturtles.com/2014/09/the-trouble-with-certific... We've been working very hard on an alternative proposal that prevents MITM attacks called DNSChain, and we keep a running comparison of it with other proposals folks have made here: https://github.com/okTurtles/dnschain/blob/master/docs/Compa... |
|
|