CONIKS vs Key Transparency vs Certificate Transparency vs Blockchains

Previously, we reviewed Google’s Certificate Transparency efforts, and observed that while it does not prevent MITM attacks, it might detect at least some of them. We compared it to blockchains, and described what a Decentralized Public-key Infrastructure (DPKI), which uses blockchains, might look like. Today we compare these approaches with two new systems: Key Transparency […]

Certificate transparency on blockchains

This week Google learned of another batch of fraudulently issued certificates for several of their domains. At the end of the post they made a renewed call for Certificate Transparency. In this post, we’ll use the acronym CT to refer to Google’s implementation of the general concept of certificate transparency, and we’ll explore other technologies […]

The Trouble with Certificate Transparency

Update: March 25, 2015, see also: Certificate transparency on blockchains Ben Laurie, project lead for Google’s Certificate Transparency (CT), recently published an article wherein he compared CT against various efforts to secure Internet communication world-wide from Man-In-The-Middle Attacks (MITM), including DNSChain. In it, he made several claims about CT and related topics: That CT leads […]