top | item 8338839

(no title)

Ideally the certificate would be worth, or have a value associated greater than that of the transactions being handled by the site it is protecting; Then the attacker has more to gain by invalidating the certificate than intercepting traffic. Otherwise you have the same situation that we have now with current certificates without a decentralised store of value associated.

Also, every day CA's could sign these certificate requests, and so you have the equivalent to trusted root today. One thing that is advantagous here is that even trusted CA's cannot reproduce a 'trusted' certificate without spending the same amount of cryptocurrency. This would defend against firewall/IPS MiTM that is occuring today.

I brought this whole topic up because of the likeness with blockchains and certificate transparency. My argument is that why would CA's have an incentive to maintain the certificate transparency chain, when you already have many people with an incentive to maintain the bitcoin blockchain.

Validation, or checking for validity of the certificate can be done either through a 3rd party lookup service like blockchain.info or inspection of the blockchain with the wallet software.

I think that adoption of certificates like this would require modification to TLS protocols, or at least some application support to require certain types of certificates - just like EV or Certificate Pinning.

discuss

iancarroll|11 years ago

Not all sites deal with transactions (ex: my personal site). This would pretty much reverse any adoption rates TLS has. (who wants to pay >$200 for a certificate?) For example, Wells Fargo has like 840 billion in loans. They obviously don't want to pay $800 billion for an SSL certificate, and they'd lose that $800 billion if one file is compromised...

Right now, you can essentially pay to be a certificate authority. This just allows you to pay per site you want to attack.