Certificate Transparency (CT) looks promising to the rescue

 

Browsers can usually detect malicious websites that are provisioned with forged or fake X.509 certificates, thanks to digital signatures and encryption. However, current cryptographic mechanisms aren’t so good at detecting malicious websites if they’re provisioned with mistakenly issued certificates or certificates that have been issued by a certificate authority (CA) that’s been compromised or gone rogue. This type of CT protects against the possibility that a public CA may be compromised.

 

Certificate Transparency, RFC 6962:

https://tools.ietf.org/html/rfc6962

 

 

Mouli, CISSP