| ▲ | sitkack 3 days ago |
| Don't lower cert times also get people to trust certs that were created just for their session to MITM them? That is the next step in nation state tapping of the internet. |
|
| ▲ | woodruffw 3 days ago | parent | next [-] |
| I don't see why it would; the same basic requirements around CT apply regardless of certificate longevity. Any CA caught enabling this kind of MITM would be subject to expedient removal from browser root programs, but with the added benefit that their malfeasance would be self-healing over a much shorter period than was traditionally allowed. |
|
| ▲ | ezfe 3 days ago | parent | prev [-] |
| lol no? lower cert times still extend the root certificates that are already trusted. It is not a noticeable thing when browsing the web as a user. A MITM cert would need to be manually trusted, which is a completely different thing. |
| |
| ▲ | Lammy 3 days ago | parent [-] | | I think their point is that a hypothetical connection-specific cert would make it difficult/impossible to compare your cert with anybody else to be able to find out that it happened. A CA could be backdoored but only “tapped” for some high-value target to diminish the chance of burning the access. | | |
| ▲ | woodruffw 3 days ago | parent | next [-] | | > I think their point is that a hypothetical connection-specific cert would make it difficult/impossible to compare your cert with anybody else to be able to find out that it happened. This is already the case; CT doesn't rely on your specific served cert being comparable with others, but all certs for a domain being monitorable and auditable. (This does, however, point to a current problem: more companies should be monitoring CT than are currently.) | |
| ▲ | roblabla 3 days ago | parent | prev | next [-] | | Well, the cert can still be compared to what's in the CT Log for this purpose. | |
| ▲ | sitkack 3 days ago | parent | prev [-] | | Yes, precisely. |
|
|
