
Could be more general: finding subdomains by watching CT logs.

So what is the problem here?

How to "hide" private subdomains?

How to "securely" configure S3 buckets?

IMO, the problem is in the use of the CA system, where control over "names" (e.g. subdomains) is shared with third parties (certificate issuers) instead of being solely with the user who wants to reserve names.

It is possible to have a non-CA PKI system where the user controls both the issuance of the public key and the associated name she will use. In such a system, no third party has control over names. People learn the user's name and the user's key from the same source: the user.

Thus there is no issue of trust re: using third parties, and thus no need for monitoring what names the third parties are issuing, e.g. via "certificate transparency" logs. CT logs do not need to exist.

This is not a new idea and it has been proven to work. I can prepare a post with examples if anyone is interested.



> Could be more general: finding subdomains by watching CT logs.

Yep. You can use crt.sh for this on a per-domain level. I also wrote ausdomainledger.net as an experiment to index all subdomains in the .au TLD, querying the CT logs directly, which was a bunch of fun.

> How to "hide" private subdomains?

Symantec provides the option of label redaction (using the '?' symbol) for CT precerts with the certificates they issue. For example: https://crt.sh/?q=?.amazon.com.au . However, I'm pretty sure it's not supported by the CT RFC ...

Otherwise, I'd say wildcards.

Replacing the CA PKI with something else is very drastic and if possible, will probably take a very long time ...
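As an added example (not code from any commenter in this thread), the following Python script does the per-domain crt.sh lookup described above and sorts what comes back into concrete hostnames, wildcard names and '?'-redacted labels. The crt.sh JSON endpoint it targets (`https://crt.sh/?q=%25.example.com&output=json`) is real; the sample records embedded in the script are constructed to mirror that endpoint's shape and are not real certificates, and the `example.com` target is a placeholder.

```python
"""Enumerate subdomains of a domain from crt.sh-style CT log data.

Added example, not from the original thread.  crt.sh's JSON endpoint
(https://crt.sh/?q=%25.example.com&output=json) is real; the records in
SAMPLE_CRTSH_JSON are constructed to match its shape and are not real
certificates.
"""
import json
import urllib.parse
import urllib.request

# Constructed sample in the shape of crt.sh's JSON output.  Each record's
# name_value holds the certificate's SAN entries, newline-separated.
SAMPLE_CRTSH_JSON = json.dumps([
    {"id": 1, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "common_name": "www.example.com",
     "name_value": "www.example.com\nexample.com"},
    {"id": 2, "issuer_name": "C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA",
     "common_name": "*.example.com",
     "name_value": "*.example.com\nexample.com"},
    # Label-redacted precert entry ('?' placeholder, as discussed above).
    {"id": 3, "issuer_name": "C=US, O=Symantec Corporation, CN=Symantec Class 3 Secure Server CA - G4",
     "common_name": "?.example.com",
     "name_value": "?.example.com"},
    # Mixed case and a trailing newline, both of which crt.sh data can contain.
    {"id": 4, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "common_name": "staging-api.example.com",
     "name_value": "staging-api.example.com\nSTAGING-API.example.com\n"},
    # Unrelated name that merely contains the target as a substring.
    {"id": 5, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "common_name": "example.com.evil.test",
     "name_value": "example.com.evil.test"},
])


def crtsh_query_url(domain):
    """Build crt.sh's JSON query URL; '%' is the SQL LIKE wildcard crt.sh accepts."""
    return "https://crt.sh/?" + urllib.parse.urlencode(
        {"q": "%." + domain, "output": "json"})


def fetch_crtsh(domain, timeout=30):
    """Fetch raw JSON records for a domain from crt.sh (network call; not used offline)."""
    req = urllib.request.Request(
        crtsh_query_url(domain),
        headers={"User-Agent": "ct-subdomain-example/1.0"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def in_scope(name, domain):
    """True if name is the domain itself or a subdomain of it (match on a label boundary)."""
    return name == domain or name.endswith("." + domain)


def extract_subdomains(crtsh_json_text, domain):
    """Split crt.sh records into concrete hostnames, wildcard names and redacted names.

    Names are lowercased, stripped of trailing dots and de-duplicated;
    anything outside the target domain is dropped.  Returns a dict of
    three sorted lists keyed 'hostnames', 'wildcards' and 'redacted'.
    """
    domain = domain.lower().strip(".")
    hostnames, wildcards, redacted = set(), set(), set()
    for record in json.loads(crtsh_json_text):
        for raw in record.get("name_value", "").split("\n"):
            name = raw.strip().lower().rstrip(".")
            if not name or not in_scope(name, domain):
                continue
            labels = name.split(".")
            if labels[0] == "*":
                wildcards.add(name)        # wildcard cert: subdomains not disclosed to CT
            elif "?" in labels:
                redacted.add(name)         # redacted precert label: subdomain hidden
            else:
                hostnames.add(name)
    return {"hostnames": sorted(hostnames),
            "wildcards": sorted(wildcards),
            "redacted": sorted(redacted)}


if __name__ == "__main__":
    import sys
    # With a domain argument the script queries crt.sh; without one it
    # runs against the constructed sample so it works offline.
    target = sys.argv[1] if len(sys.argv) > 1 else None
    data = fetch_crtsh(target) if target else SAMPLE_CRTSH_JSON
    for kind, names in extract_subdomains(data, target or "example.com").items():
        print(kind + ":")
        for n in names:
            print("  " + n)
```

The wildcard and redacted buckets are kept separate on purpose: they are exactly the entries where CT tells you a certificate exists but not which subdomain it covers, which is the "hiding" question raised in the thread. The suffix check is done on a label boundary so that a name like `example.com.evil.test` is not mistaken for a subdomain of `example.com`.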


If you have a wildcard cert, you don't have to share the subdomains with the CA.


More importantly: why doesn't S3 use a wildcard SSL cert? I find it strange that they would queue DNS changes on a simple bucket provision.


Because then Amazon would have trivial access to all connections to S3 buckets.


I think support for wildcards is coming next year (to Let's Encrypt).



