Eric Rescorla
@rtfm.com
Newsletter: https://educatedguesswork.org/
Finally, when you go to the Web server, it proves that it's certificate matches the summary. What this means technically is that it gives you a Merkle inclusion proof that goes back to the root.
December 15, 2023 at 6:17 PM
Finally, when you go to the Web server, it proves that it's certificate matches the summary. What this means technically is that it gives you a Merkle inclusion proof that goes back to the root.
The standard solution here is what's called a consensus system. Effectively, you compute a summary of all the published certificates (typically by assembling them into a Merkle hash tree).
December 15, 2023 at 6:16 PM
The standard solution here is what's called a consensus system. Effectively, you compute a summary of all the published certificates (typically by assembling them into a Merkle hash tree).
For instance, if the CA has it on their web site and sends it to clients but not to sites when they check, then the system breaks down.
December 15, 2023 at 6:16 PM
For instance, if the CA has it on their web site and sends it to clients but not to sites when they check, then the system breaks down.
The first step is to have the client (i.e., the browser) check that the certificate was published, thus hopefully forcing the CA to publish it. But now we have to confront the definition of "publish". How do we know the CA published to everyone?
December 15, 2023 at 6:15 PM
The first step is to have the client (i.e., the browser) check that the certificate was published, thus hopefully forcing the CA to publish it. But now we have to confront the definition of "publish". How do we know the CA published to everyone?