[148192] in cryptography@c2.net mail archive
Re: [Cryptography] Moving forward on improving HTTP's security
daemon@ATHENA.MIT.EDU (John Kelsey)
Mon Nov 18 19:36:17 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <CAG5KPzw5QhjOBDMZhxW+wK4VRYZ6E0aTkmwxiMpLAkGJQ0ODaA@mail.gmail.com>
From: John Kelsey <crypto.jmk@gmail.com>
Date: Mon, 18 Nov 2013 18:02:29 -0500
To: Ben Laurie <ben@links.org>
Cc: Cryptography Mailing List <cryptography@metzdowd.com>,
"jamesd@echeque.com" <jamesd@echeque.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
It seems like the clever bit of CT is the insight that some actions, like a CA signing a cert, are intended to be public, and so should be forced (via clever crypto) to take place in public. This makes me wonder what other crypto actions should also take place in public, in a way that doesn't permit hiding them from the world.
--John
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography