Certificate Transparency[1], a public log that makes maliciously issued certific... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		sandstrom on Jan 6, 2015 \| parent \| context \| favorite \| on: GoGo does not need to run “Man in the Middle Attac... Certificate Transparency[1], a public log that makes maliciously issued certificates easier to detect, will roll out in Chrome [for EVs to begin with] this spring. FF will probably follow. It doesn't solve all CA problems, but it does soothe some. [1] http://www.certificate-transparency.org/

tptacek on Jan 6, 2015 [–]

You don't need CT to detect this; Gogo was using self-signed certificates, which browsers reject all by themselves.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact