目录
前言
讲了证书透明度,通过audit增强认证。
一、before certificates
容易有网络攻击
- DNS isn’t very secure, can fake DNS information for gmail.com to browser
- network routers, routing system, WiFi not always very secure
二、certificates
2.1 basic certificate and CA scheme
通过https建立链接
- server sends certificate
- browser checks CA signature (using list of acceptable CA public keys)
- browser challenges server to prove it has private key
网络攻击gets hard
但是还不够好
- it’s not clear how to decide who owns a DNS name
- there are over 100 CAs in browsers’ lists
- not all of them are well-run
- not all of them employ only trustworthy employees
- not all of them can resist demands from country’s government
三、Certificate Transparency (CT)
3.1 how does Certificate Transparency (CT) approach this problem?
it’s really an audit system; it doesn’t directly prohibit anything
就是让目前的certificate is public
流程
1. gmail.com asks CA for a certificate
2. CA issues cert to gmail.com
3. CA registers certificate with CT log server (typically more than one)
4. log server adds certificate to log
5. browser connects to gmail.com
6. gmail.com provides certificate to browser
7. browser asks CT log server if cert is in the log
meanwhile:
gmail.com’s Monitor periodically fetches the entire CT log
scans the log for all certs that say “gmail.com”
complains if there are other than the one it knows about
since those must be bogus
四、Merkle Tree
Log server会give a proof
五、总结
auditing is worth considering when prevention isn’t possible
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
