Certificate Transparency with Privacy
نویسندگان
چکیده
Certificate transparency (CT) is an elegant mechanism designed to detect when a certificate authority (CA) has issued a certificate incorrectly. Many CAs now support CT and it is being actively deployed in browsers. However, a number of privacy-related challenges remain. In this paper we propose practical solutions to two issues. First, we develop a mechanism that enables web browsers to audit a CT log without violating user privacy. Second, we extend CT to support non-public subdomains.
منابع مشابه
Privacy-awareness in Blockchain-based PKI
Conventional public key infrastructure (PKI) designs are not optimal and contain security flaws; there is much work underway in improving PKI. The properties given by the Bitcoin blockchain and its derivatives are a natural solution to some of the problems with PKI in particular, certificate transparency and elimination of single points of failure. Recently-proposed blockchain PKI designs are b...
متن کاملEnhanced Certificate Transparency and End-to-End Encrypted Mail
The certificate authority model for authenticating public keys of websites has been attacked in recent years, and several proposals have been made to reinforce it. We develop and extend certificate transparency, a proposal in this direction, so that it efficiently handles certificate revocation. We show how this extension can be used to build a secure end-to-end email or messaging system using ...
متن کاملThe Tension between Transparency and Confidentiality in International Arbitrations
The present research study intends to investigate the concepts of transparency, confidentiality and privacy within the scope of Investor-State Arbitration and International Commercial Arbitration.Transparency, confidentiality and privacy are the main pillars of international arbitration which have a close relationship together, however in some cases they are in a controversial situation. The te...
متن کاملCertificate Transparency with Enhancements and Short Proofs
Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting malicious websites if they are provisioned with mistakenly issued certificates or certificates that have been issued by a compromised certificate authority. Google proposed certificate transparency which is an open framework to monitor and audit certif...
متن کاملContour: A Practical System for Binary Transparency
Transparency is crucial in security-critical applications that rely on authoritative information, as it provides a robust mechanism for holding these authorities accountable for their actions. A number of solutions have emerged in recent years that provide transparency in the setting of certificate issuance, and Bitcoin provides an example of how to enforce transparency in a financial setting. ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- PoPETs
دوره 2017 شماره
صفحات -
تاریخ انتشار 2017