%% You should probably cite draft-ietf-trans-threat-analysis-16 instead of this revision. @techreport{ietf-trans-threat-analysis-04, number = {draft-ietf-trans-threat-analysis-04}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-trans-threat-analysis/04/}, author = {Stephen Kent}, title = {{Attack Model and Threat for Certificate Transparency}}, pagetotal = 25, year = 2016, month = feb, day = 1, abstract = {This document describes an attack model and discusses threats for the Web PKI context in which security mechanisms to detect mis- issuance of web site certificates are being developed. The model provides an analysis of detection and remediation mechanisms for both syntactic and semantic mis-issuance. The model introduces an outline of attacks to organize the discussion. The model also describes the roles played by the elements of the Certificate Transparency (CT) system, to establish a context for the model.}, }