1.

Solve : Certificate Transparency?

Answer»

I did USE the site's search tool and it came up zero, but maybe I erred in some manner. If so, please let me know where the thread is and lock this.

Otherwise, I'm interested to know what you folks THINK of this business that Google is so keen on pushing.

If you might not know what this is about I will POST this address so you can bring yorself up to speed:

http://www.certificate-transparency.org/what-is-ct

My understanding is that Google is going to be making concrete moves on this early next year — maybe February or March.Quote

I'm interested to know what you folks think of this business that Google is so keen on pushing.

The system needs to be better, mostly better managed to make sure that there is no misuse, however I cant see there being a permanent fix to this issue as for the longer that a security measure is out there, the more time HACKERS have to pick at it and find a flaw in its design or a flaw in the methods involved in distribution of certificates.

For this to be successful, it needs to constantly evolve and certificates should probably expire sooner than later in which new hopefully better certificates are issued and there is a cleanup process of outstanding certificates which are deactivated if not in use etc.

Additionally while it could probably be spoofed somehow, i feel that certificates should be tested regularly to verify that the servers that are hosting the content that they are using remains on the better part of the internet vs the shady side of it. Location of use should be established and monitored, and when a change has been made to location of servers, it should get flagged in which it should be verified that the servers that are associated with the certificate are still GOOD and not a clone mimic of a real site or containing scripts that are bad etc. While flagged as a change has been detected users connecting to that site should get a yellow warning that the authenticity of the site they are at is in question, use with caution basically. Any real sites out there would want to resolve this measure as quickly as possible to be back in the green trusted zone, while those that do not follow up remain in the yellow and eventually lose their certificate.Thank you for your thoughts on the issue, DaveLembke.

Anybody else with thoughts they'd like to share with us?


Discussion

No Comment Found