Comment by donmcronald
3 days ago
> They just have to check any login attempts against that ledger - easy enough.
So like CT logs, but several orders of magnitude bigger? I thought centralized TLS revocation lists failed due to scale. How will this differ?
Just crypto tie them to the server/site and let them do it, CRLs were an issue due to distribution to every device, not because of a hastable like sparse set structure being too much. Also this isn't every connection, but only every time you (attempt to) verify your age.