WICG/trust-token-api

Mechanism makes the issuer key auditable (by Certificate Transparency)

akakou opened this issue · 1 comments

We propose a mechanism that makes the issuer key auditable.

Problem

Securely fetching the issuer key is a critical challenge for Privacy Pass.
If the issuer chooses a different key for each user, they can track users.

Solution

We propose to require issuers to set (the hash of) the issuer key in the X.509 extensions.
This stores the issuer key in the Certificate Transparency logs and allows the public to audit it.

Reference

Certificate Transparency:
https://certificate.transparency.dev/

I'm sorry, I misunderstood Privacy Pass.
Privacy Pass 2.0 can prevent such attacks using a zero-knowledge proof.

https://blog.cloudflare.com/supporting-the-latest-version-of-the-privacy-pass-protocol