After publishing our Certificate transparency on blockchains we learned of a recently updated IETF draft proposal that updates how Certificate Transparency (CT)1 gossip protocols work.

The proposal now incorporates the technique of sharing SCTs and certificates between clients and servers that we discussed in our September post on CT:

On the other hand, if CT switches to using SCTs for gossip, that might successfully catch the CA responsible if the MITM leaves and if the server software keeps track of all the certs it issued.

See Section 3.1.1 of the draft for the details (and related discussion from the CT mailing list).

This is fantastic news from the world of CT. It means that CT can now actually live up to its claim of catching MITM attacks after they’ve occurred, with the following caveats:

  • For this to work, both client and server software must properly implement this functionality.
  • Client and server software need to require this form of gossip for TLS connections to be initiated.
  • Server software must keep track of whether or not previously revoked certificates are being used for MITM.
  • Server software must properly alert website administrators that a MITM attack took place, and they then must be provided with some sort of actionable steps that lead to real consequences for the MITM.
  • Web administrators should not rely on another organization to serve HTTPS content for them (otherwise they are trusting that organization to properly monitor and report attacks, which they might not do).

We’re thrilled to learn of this development and we wish the IETF CT working group the best of luck in turning these proposals into reality.

We still think it’s more meaningful to prevent the attacks in the first place, but reliable detection of MITM attacks is a real improvement over the web we have today.

1 We use “CT” and Certificate Transparency (caps) to refer to Google’s implementation of the concept of certificate transparency (public, append-only log(s) of issued certificates).

Acknowledgements

Thanks to Andrea Devers and Dionysis Zindros for reading drafts of this post, Paul Wouters, Dmitry Belyavsky, and the [trans] mailing list for their feedback, and of course Linus Nordberg and Daniel Gillmor for drafting this update of CT’s gossip protocols.

Vote on HN.

For updates on our work, follow @okTurtles and @DNSChain on twitter.

Donating = Loving!
You can empower our work by donating!

One thought on “Certificate Transparency’s improved gossip protocols show promise

  1. Pingback: CONIKS vs Key Transparency vs Certificate Transparency vs Blockchains » okTurtles Blog

Leave a Reply

Your email address will not be published. Required fields are marked *