[148195] in cryptography@c2.net mail archive


Re: [Cryptography] Moving forward on improving HTTP's security

daemon@ATHENA.MIT.EDU (Ben Laurie)
Tue Nov 19 09:25:06 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <2FF17814-B3E8-47AC-A971-7F5AEECB0780@gmail.com>
Date: Tue, 19 Nov 2013 09:58:35 +0000
From: Ben Laurie <ben@links.org>
To: John Kelsey <crypto.jmk@gmail.com>
Cc: Cryptography Mailing List <cryptography@metzdowd.com>,
	"jamesd@echeque.com" <jamesd@echeque.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com


On 18 November 2013 23:02, John Kelsey <crypto.jmk@gmail.com> wrote:

> It seems like the clever bit of CT is the insight that some actions, like
> a CA signing a cert, are intended to be public, and so should be forced
> (via clever crypto) to take place in public.  This makes me wonder what
> other crypto actions should also take place in public, in a way that
> doesn't permit hiding them from the world.
>

Revocation
Software releases
Mapping of email address to public key
Delegation of DNSSEC keys

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography