Re: [Ilc] [saag] Distributed ledgers and control

Eric Rescorla <ekr@rtfm.com> Wed, 29 March 2017 13:25 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: ilc@ietfa.amsl.com
Delivered-To: ilc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 090C61294EC for <ilc@ietfa.amsl.com>; Wed, 29 Mar 2017 06:25:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PE-yPblS4bD7 for <ilc@ietfa.amsl.com>; Wed, 29 Mar 2017 06:24:59 -0700 (PDT)
Received: from mail-yw0-x22b.google.com (mail-yw0-x22b.google.com [IPv6:2607:f8b0:4002:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1FC39126DD9 for <ilc@ietf.org>; Wed, 29 Mar 2017 06:24:59 -0700 (PDT)
Received: by mail-yw0-x22b.google.com with SMTP id d191so10313242ywe.2 for <ilc@ietf.org>; Wed, 29 Mar 2017 06:24:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=bA4kvGwdVnRevzGyyNsGfvZFnBBBLYIiXJ1ZmzvcBR4=; b=WIt1BL4tEhH0QMb3EOxVgoX7W/t83AZXJHX/4rhwqLim/nbZLcpMSBGxlVgUyURtAI iy3BYTMoy+ih0PykSy9BAsbPgvR9E9AKLLPay77Zc01k3ZuhNY1z0xp6U+n8ddApeQzW qYpPuJwN5z10xZvr1VUshFLab50zClMD3QWSrWI7rtleyyn2KvYi2G1QxLJtNv2YKz72 l/XG2b66EBxfGwH5GD9dsgX+THH4RMgicYf1pZNNMDUHOIa9kTGhtiXArt7cBaYeO3H2 I6sRljEhOt+B7jt6NkaBH+CxsiHVKeBnappnP9QQndMPd4S9PLzetdSvQostvOGntL6l 89qQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=bA4kvGwdVnRevzGyyNsGfvZFnBBBLYIiXJ1ZmzvcBR4=; b=qWMOGEM/nf1ozGQFDLKJeh2qVGgNVp4ARIn9dXwNinBcxbrAcNWRQt1LIrpeZitlLj MNxrjrZa5P6lsxqoxFgFNNTEZnagZuNAaj6GFmETUEfGPLc09syWA93DTPyJW6m4mQ42 T3YhA/Psts/MPl4QhOxeG4fDU0DT0Ta76sz5LITEGObqfvT/iMKkxsEi2YvMRD5Nm5mv MnnkFK+jWKRZb6tsXzzaAFyhnmTJH1DWFk8oyQDxW9X/xbRRx+WEdGd3v/ai8b9NfJz6 uXo/tY13Ffe9/CpMP04fWe7j5d1q52kecqjmSgtwgzPjI+JrAE++0d4GULbU3IBi4wIw 1+yA==
X-Gm-Message-State: AFeK/H2JePOItD0MhywBertCivvGpneyM+6+OhjMjEDcX5j1FvZdckKif3TCFM0PZWTTsa1O+amL4duzQ3RnNw==
X-Received: by 10.129.177.8 with SMTP id p8mr413311ywh.327.1490793898250; Wed, 29 Mar 2017 06:24:58 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.154.210 with HTTP; Wed, 29 Mar 2017 06:24:17 -0700 (PDT)
In-Reply-To: <87inmsxq9f.fsf@ta.scs.stanford.edu>
References: <7A8F415A-3BE0-46D4-80FF-B8DB50634B94@vpnc.org> <87inmsxq9f.fsf@ta.scs.stanford.edu>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 29 Mar 2017 08:24:17 -0500
Message-ID: <CABcZeBNdTxT0A6g6T+=1N7_0OEryekFqYfJHb-ej9OV_qTuafQ@mail.gmail.com>
To: David Mazieres expires 2017-06-27 PDT <mazieres-7kjfd7jny6nqhpqvs8psccye9s@temporary-address.scs.stanford.edu>
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, "saag@ietf.org" <saag@ietf.org>, ilc@ietf.org
Content-Type: multipart/alternative; boundary=94eb2c13ce38bd2b34054bde8041
Archived-At: <https://mailarchive.ietf.org/arch/msg/ilc/GUITBfzJbu7jdQXXjxZDsEo7ung>
X-Mailman-Approved-At: Wed, 29 Mar 2017 09:05:45 -0700
Subject: Re: [Ilc] [saag] Distributed ledgers and control
X-BeenThere: ilc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussion of mechanisms and applications for Internet-level consensus." <ilc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ilc>, <mailto:ilc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ilc/>
List-Post: <mailto:ilc@ietf.org>
List-Help: <mailto:ilc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ilc>, <mailto:ilc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2017 13:25:02 -0000

On Wed, Mar 29, 2017 at 6:43 AM, David Mazieres <
dm-list-ietf-ilc@scs.stanford.edu> wrote
>
> Furthermore, the notion of a blockchain-esque public log can be
> leveraged for various forms of transparency.  For instance, last year
> there was a controversy in which Apple claimed to refuse an FBI request
> to sign a special compromised iPhone bootloader.  Unfortunately, for all
> we know, Apple may have signed the software after all while claiming not
> to for the PR benefit.  That they probably didn't yields the worst of
> both worlds--angering the FBI and still spooking potential customers.
> Requiring firmware updates to be published in a public log would allow
> the public to verify whether or not such activity is happening.


Just for those who may not be tracking this kind of work, this is something
that's starting to happen, though typically with semi-centralized consensus
mechanisms. In that form, it's generally known as "Binary Transparency".

See, for instance:

- https://groups.google.com/forum/#!forum/binary-transparency
and
- https://wiki.mozilla.org/Security/Binary_Transparency

-Ekr


> David
>
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag
>