id	author	title	date	pages	extension	mime	words	sentences	flesch	summary	cache	txt
blog-dshr-org-7999		DSHR's Blog: Certificate Transparency			.html	text/html	5168	491	68	In this post I'm going to look in some detail at Certificate Transparency, an important initiative aimed at improving security and authenticity on the Web, and relate the techniques it uses to those underlying the LOCKSS system. Because Google, Mozilla and others prioritize keeping the Web working over keeping it secure, deleting misbehaving big CAs from trust lists won't happen. These flaws weaken the reliability and effectiveness of encrypted Internet connections and can compromise critical TLS/SSL mechanisms, including domain validation, end-to-end encryption, and the chains of trust set up by certificate authorities. In this way, auditors, monitors and clients cooperate to verify the correct operation of logs, which in turn provides clients with confidence in the [certificate,attestation] pairs they use to secure their communications. The auditor is part of the client, checking at intervals that the certificates in the SCTs it receives from Web servers are correctly stored in the log.	./cache/blog-dshr-org-7999.html	./txt/blog-dshr-org-7999.txt