Re: [Trans] Gossiping in CT

Tao Effect <> Sat, 27 September 2014 17:11 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 358D31A1BCF for <>; Sat, 27 Sep 2014 10:11:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.334
X-Spam-Status: No, score=-1.334 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_SOFTFAIL=0.665] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id RcjVZE3yYNo1 for <>; Sat, 27 Sep 2014 10:11:36 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 063A71A1BB8 for <>; Sat, 27 Sep 2014 10:11:36 -0700 (PDT)
Received: from (localhost []) by (Postfix) with ESMTP id C01C73BC06B; Sat, 27 Sep 2014 10:11:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;; h= content-type:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to;; bh=6h+FDs75f2EjtJAro 1O0UtUm+tY=; b=TNrKTquVhpNpMI4ICYdZAOO5tB03h0TsgMOXT5ME71vjPbeCz mTc06qF3dbV9ZWgtMwdcXCHCw3+BRtX1cIARJ+M3BH5lmHlpsVE9rd5uCvKw6DbF tBkRmnm4eBzGDWj83ZPV8sZRT7nrDlqCt+kUDuHByAbpEeFUqubbh+DGDw=
Received: from [] ( []) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: by (Postfix) with ESMTPSA id 6F0B73BC06A; Sat, 27 Sep 2014 10:11:35 -0700 (PDT)
Content-Type: multipart/signed; boundary="Apple-Mail=_45A0DA28-5470-4CE1-A979-90F0130B86CE"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Pgp-Agent: GPGMail 2.1 (f76fd85)
From: Tao Effect <>
In-Reply-To: <>
Date: Sat, 27 Sep 2014 10:11:34 -0700
X-Mao-Original-Outgoing-Id: 433530694.579639-c8147d84b4cb8f0b0ce8edb5c3a915c0
Message-Id: <>
References: <>
To: Linus Nordberg <>
X-Mailer: Apple Mail (2.1878.6)
Subject: Re: [Trans] Gossiping in CT
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 27 Sep 2014 17:11:37 -0000

Dear Linus,

Thanks for starting this thread on Gossip!

> It's been suggested that web browsers should use TLS connections to web
> servers for gossiping. One argument for that is that this makes the
> attack of blocking the gossiping messages hard to get away with without
> people noticing because it means blocking TLS to all servers
> participating.

I just want to point out that successful gossip does not protect clients against MITM from mis-issued certificates. It also does not detect mis-issued certificates.

The selective partitioning of a log is one attack, but the standard attack that we have today, which doesn't require partitioning of a log, is not detected by CT's gossip as elaborated on in the "Threat model outline, attack model" thread, here (and in followup replies):

Kind regards,
Greg Slepak

Please do not email me anything that you are not comfortable also sharing with the NSA.