Re: [therightkey] LC comments on draft-laurie-pki-sunlight-05
Ben Laurie <benl@google.com> Fri, 22 February 2013 11:18 UTC
Return-Path: <benl@google.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB51A21F8740 for <ietf@ietfa.amsl.com>; Fri, 22 Feb 2013 03:18:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.978
X-Spam-Level:
X-Spam-Status: No, score=-101.978 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EV6Czxnh4Tio for <ietf@ietfa.amsl.com>; Fri, 22 Feb 2013 03:18:48 -0800 (PST)
Received: from mail-ia0-x229.google.com (ia-in-x0229.1e100.net [IPv6:2607:f8b0:4001:c02::229]) by ietfa.amsl.com (Postfix) with ESMTP id CC1D621F8721 for <ietf@ietf.org>; Fri, 22 Feb 2013 03:18:42 -0800 (PST)
Received: by mail-ia0-f169.google.com with SMTP id j5so445842iaf.28 for <ietf@ietf.org>; Fri, 22 Feb 2013 03:18:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=ZwGzg2BH62kO5rVkpbM2lcWy9kHgZGwHszJsALrYc4g=; b=L7E/4p5VPOx58/lpz1QOazigUp4WpYhpYLCBUQFs5d4ycZSv88kU+aSDK5N4kIc3Ty A1iKXlHP52HoSWiAIAJClCdrYHubniel0GUN2lPBX5E7RpHej5dc4TZMt40XyKbsgEaG QPDJypbm8H1whmJMC0/tT3zOAyc/FOOOM11qzCK/SKQgbpJGXSRLP7Qh4j0mQmMDwsZD VnmclVGVhzhIlXFbV7MVcNYF16Vtx8qcZ2qMqFTQyIy99/lT5Jh0Uqfov1jOwd9Rh63q QsjeQF3eJ/u5zwywhgb3CAWxRJJzYxRx/wkgqhnMH742O1FvbAhc0ZNkk/YCBkgrbdol LMvQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:x-gm-message-state; bh=ZwGzg2BH62kO5rVkpbM2lcWy9kHgZGwHszJsALrYc4g=; b=T+FqW5lTIJijYURCSUFXefgyfppvAW19CMShx7q2wRzZ2dXgGfqXtMD+K0lOOQxiJd 98Jw7JDkWnsBo2c8fud9Bdc5SNqhNfuD5v0w2MxxiNAKSvuhiGVJYzM4JXTw3aEa9LUa nOjLwhknzir6e1aJUSY/QGLAphqIapqHvE554V6wb7C7HjZ++MWTyu2hQLcFl2/rYDmv wIkJbNVFx2pFvu3A0U3l3baRcRJmSMaBsOvv73LEqgAk0EUwEeYq1a7fXvacg59lihxg oOJWOx2VHIMthkPCREC7dfiN3YlOQoBED7+bC5lXXU5maXLWYYnGv5xHZGCPHt318gMw skrw==
MIME-Version: 1.0
X-Received: by 10.50.212.3 with SMTP id ng3mr713534igc.43.1361531922420; Fri, 22 Feb 2013 03:18:42 -0800 (PST)
Received: by 10.64.140.71 with HTTP; Fri, 22 Feb 2013 03:18:42 -0800 (PST)
In-Reply-To: <CAMm+LwjM6w1jdZj8Z9bmBjUJ0VQMaZdGHMG4EupRtMxuDb=12w@mail.gmail.com>
References: <CABrd9SQMAGtOTcWVaUfxRE9SZS2dZVhUa3WbJVk8or_LxH6i1w@mail.gmail.com> <CAMm+LwiCQXq9ZLMGtVQMsS8MN9HRDtjg2DqTk9B8S6A7Q38J8w@mail.gmail.com> <CABrd9SS7as7S3vz2AEOJQruCF7aJRSVGjaG6awV9YWyuQaadWQ@mail.gmail.com> <CAMm+LwjM6w1jdZj8Z9bmBjUJ0VQMaZdGHMG4EupRtMxuDb=12w@mail.gmail.com>
Date: Fri, 22 Feb 2013 11:18:42 +0000
Message-ID: <CABrd9SR0z+aWUvW0Ok+hsbi+5rYkuQYzSaZxUCi3VcT+_XPzcQ@mail.gmail.com>
Subject: Re: [therightkey] LC comments on draft-laurie-pki-sunlight-05
From: Ben Laurie <benl@google.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"
X-Gm-Message-State: ALoCoQlW6+oh422cjqIJz7Im03RVaobaidh8femIQL8MFxeZYvyDxmOyJ+hI1USnUCMcTAUCrvjMRS9DmYbUOQe6qU9/JlOauKv90mNvAKl0bWKQKOwWI8BWQfVQq12V8Fg/LAvQUwL7L4HnhfJNeo52qq8Bato2bV8OAZ19X2AOYjgjIKI36Nfpj8BgYZDr7LN+yNYeMPAE
Cc: Emilia Kasper <ekasper@google.com>, "therightkey@ietf.org" <therightkey@ietf.org>, Adam Langley <agl@google.com>, IETF Discussion List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Feb 2013 11:18:48 -0000
On 17 February 2013 00:24, Phillip Hallam-Baker <hallam@gmail.com> wrote: > > > On Sat, Feb 16, 2013 at 1:55 PM, Ben Laurie <benl@google.com> wrote: >> >> On 16 February 2013 10:22, Phillip Hallam-Baker <hallam@gmail.com> wrote: >> > Sorry for the delay but I have been thinking of CT and in particular the >> > issues of >> > >> > * Latency for the CA waiting for a notary server to respond >> > * Business models for notary servers >> > >> > As a rule open source software works really well as the marginal cost of >> > production is zero. Open source services tend to sux because even though >> > the >> > marginal cost of a service is negligible, large numbers times negligible >> > adds up to big numbers. Running a DNS server for a university department >> > costs very little, running it for the whole university starts to cost >> > real >> > money and running a registry like .com with 99.9999% reliability ends up >> > with $100 million hardware costs. >> > >> > So the idea that I plug my business into a network of notary servers >> > being >> > run by amateurs or as a community service is a non-starter for me. We >> > have >> > to align the responsibility for running any server that the CA has a >> > critical dependency on with a business model. >> >> Note that we do not expect CAs to talk to _all_ log servers, only >> those that are appropriately responsive - and also note that a CA can >> fire off a dozen log requests in parallel and then just use the first >> three that come back, which would deal with any temporary log issues. >> >> We should probably add this ability to the open source stack at some >> point. >> >> > Looking at the CT proposal, it seems to me that we could fix the >> > business >> > model issue and remove a lot of the CA operational issues as follows: >> > >> > 1) Each browser provider that is interested in enforcing a CT >> > requirement >> > stands up a meta-notary server. >> > >> > 2) Each CA runs their own notary server and this is the only resource >> > that >> > needs to have a check in at certificate issue. >> >> Isn't this part the only part that's actually needed? The >> meta-notaries seem like redundant extra complication (and also sound >> like they fulfil essentially the same role as monitors). >> >> I assume, btw, that by "notary server" you mean "log server"? >> >> Also, if a CA only uses its own log, what happens when it screws up >> and gets its log struck off the list of trusted logs? This is why we >> recommend some redundancy in log signatures. > > > That is the reason for checkpointing against meta notaries. > > Otherwise a CA might not actually release the logs. An unreleased log is not compliant - and so would not be accepted by browsers.
- LC comments on draft-laurie-pki-sunlight-05 =JeffH
- Re: LC comments on draft-laurie-pki-sunlight-05 Ben Laurie
- Re: LC comments on draft-laurie-pki-sunlight-05 =JeffH
- Re: LC comments on draft-laurie-pki-sunlight-05 Ben Laurie
- Re: [therightkey] LC comments on draft-laurie-pki… Phillip Hallam-Baker
- Re: [therightkey] LC comments on draft-laurie-pki… Paul Hoffman
- Re: [therightkey] LC comments on draft-laurie-pki… Ben Laurie
- Re: [therightkey] LC comments on draft-laurie-pki… Phillip Hallam-Baker
- Re: [therightkey] LC comments on draft-laurie-pki… Ben Laurie