danwent / Perspectives

Perspectives Firefox Extension
http://perspectives-project.org

Disable notaries that give bogus names #118

Open cyisfor opened 10 years ago

cyisfor commented 10 years ago

So 75% of your notaries agreed on a name/certificate. What about the other 15%? Shouldn't they be removed or somehow penalized if they're validating bogus certificates, or not validating good ones? It might take time for a certificate to get adopted by a group of notaries, but it still seems like you could guesstimate how long it's reasonable for the notaries to be out of sync, and b& ones that exceed that threshold?

Something like... for each of the ones in the minority, check how long that certificate has been around and if it's too long then disable them. Have a setting where the user can opt for this behavior or not, adjust how patient the watchdog algorithm is, and disable/enable notaries themselves manually like with https://github.com/danwent/Perspectives/issues/102

daveschaefer commented 10 years ago

Hey, good idea, but I'm not sure that notaries disagreeing would always mean things are bad. Some sites (like Google) serve different certificates if the request comes from different countries, or if the request is behind a load balancer and gets redirected to a different server.

Here are some relevant links with more detail:

We actually had a discussion about this on the mailing list a while back: https://groups.google.com/forum/#!topic/perspectives-dev/Yc1XM980kfw/discussion

Does that make sense?

cyisfor commented 10 years ago

It makes sense but I sure as heck don't have to like it. No way to tell good notaries apart from bad ones then, besides actually getting scammed and realizing it happened. SSL is so messed up...

ghost commented 10 years ago

Close issue? Btw: There is a proposal in #86 to display some kind of "server availability info"
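
The watchdog cyisfor proposes above, sketched as an added example (not code from the Perspectives extension or from any participant in this thread). It only reports minority notaries once the majority key has outlived a patience window and never disables them, since daveschaefer's reply points out that disagreement can be legitimate. The record shape, the `reviewNotaries` name, the default thresholds and the sample data are assumptions made for illustration.

```javascript
// Added illustration; the record shape and all names are hypothetical,
// not the Perspectives extension's data structures.
const DAY = 24 * 60 * 60 * 1000;

// Constructed sample: each notary's currently observed key for one service.
const SAMPLE = [
  { notary: "n1", key: "aa:11", firstSeen: Date.UTC(2014, 0, 1) },
  { notary: "n2", key: "aa:11", firstSeen: Date.UTC(2014, 0, 2) },
  { notary: "n3", key: "aa:11", firstSeen: Date.UTC(2014, 0, 3) },
  { notary: "n4", key: "bb:22", firstSeen: Date.UTC(2013, 5, 1) },
];

function reviewNotaries(observations, now, { quorum = 0.75, patienceDays = 14 } = {}) {
  // Group notaries by the key they currently report.
  const byKey = new Map();
  for (const o of observations) {
    if (!byKey.has(o.key)) byKey.set(o.key, []);
    byKey.get(o.key).push(o);
  }
  // Pick the key with the most notaries behind it.
  const [majorityKey, backers] = [...byKey.entries()]
    .sort((a, b) => b[1].length - a[1].length)[0] || [null, []];
  // No quorum means there is no "minority" to judge: flag nobody.
  if (!majorityKey || backers.length / observations.length < quorum) {
    return { majorityKey: null, outOfSync: [], withinGrace: [] };
  }
  // "How long that certificate has been around": earliest sighting by any backer.
  const ageDays = (now - Math.min(...backers.map(o => o.firstSeen))) / DAY;
  const minority = observations.filter(o => o.key !== majorityKey).map(o => o.notary);
  // Past the patience window the minority is reported, not auto-disabled:
  // a site may legitimately serve different certificates to different notaries.
  return ageDays > patienceDays
    ? { majorityKey, outOfSync: minority, withinGrace: [] }
    : { majorityKey, outOfSync: [], withinGrace: minority };
}
```

A notary listed in `outOfSync` is a candidate for manual review; the output alone cannot separate a misbehaving notary from one that sits behind a different load balancer or in a different country.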