https://community.isc2.org/t5/Tech-Talk/Certificate-Transparency-CT-looks-promising-to-the-rescue/m-p/21664#M1199 <P>&nbsp;</P><P><SPAN>Browsers can usually detect malicious websites that are provisioned with forged or fake x.509 certificates. Thanks to digital signatures and encryption. However, current cryptographic mechanisms aren’t so good at detecting malicious websites if they’re provisioned with mistakenly issued certificates or certificates that have been issued by a certificate authority (CA) that’s been compromised or gone rogue.&nbsp;</SPAN>This type of CT protects against the possibility that a public CA may be compromised.</P><P>&nbsp;</P><P>Certificate Transparency RFC:6962</P><P><A href="https://tools.ietf.org/html/rfc6962" target="_blank">https://tools.ietf.org/html/rfc6962</A></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 29 Apr 2019 06:03:56 GMT iluom 2019-04-29T06:03:56Z https://community.isc2.org/t5/Tech-Talk/Certificate-Transparency-CT-looks-promising-to-the-rescue/m-p/21664#M1199 <P>&nbsp;</P><P><SPAN>Browsers can usually detect malicious websites that are provisioned with forged or fake x.509 certificates. Thanks to digital signatures and encryption. However, current cryptographic mechanisms aren’t so good at detecting malicious websites if they’re provisioned with mistakenly issued certificates or certificates that have been issued by a certificate authority (CA) that’s been compromised or gone rogue.&nbsp;</SPAN>This type of CT protects against the possibility that a public CA may be compromised.</P><P>&nbsp;</P><P>Certificate Transparency RFC:6962</P><P><A href="https://tools.ietf.org/html/rfc6962" target="_blank">https://tools.ietf.org/html/rfc6962</A></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 29 Apr 2019 06:03:56 GMT https://community.isc2.org/t5/Tech-Talk/Certificate-Transparency-CT-looks-promising-to-the-rescue/m-p/21664#M1199 iluom 2019-04-29T06:03:56Z