[openssl-users] Thoughts about security, privacy, ...
michael at stroeder.com
Fri Oct 30 20:42:15 UTC 2015
Walter H. wrote:
> On Thu, October 29, 2015 11:07, Jakob Bohm wrote:
>> She (Eve) would know that the requesting party Alice
>> was talking to Bob at the very moment she sent Trent
>> the OCSP *request* for Bob's certificate.
>> [...] equivalent of having (almost complete) real time
>> copies of everybody's phone bill/call records.
>> Who was calling who at what time.
> this is not a problem as long as the public keys (the certificates) are
> not really public;
> because in your example Eve doesn't have the knowledge which certificate
> the specific serial number has ...
> if the public keys (the certificates) are searchable by public - the worst
> case direct by a search engine like google - then you would get an
> absolute security whole:
Update for you: https://crt.sh/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4245 bytes
Desc: S/MIME Cryptographic Signature
More information about the openssl-users