Re: [Ilc] Clarifications and thoughts purpose of ILC list

[David Mazieres <dm-list-ietf-ilc@scs.stanford.edu>]

Ben Laurie <ben@links.org> writes:

>> Well, there's at least one existence proof, which is the SCP protocol we
>> use at Stellar.  SCP changes the question slightly from whether the
>> system is subvertible to who is being subverted, because it depends on
>> whom people trust.  E.g., if you trust TurkTrust and I trust the
>> conjunction of the ACLU and Google, you might get subverted because
>> TurkTrust has been known to issue bad certificates.  On the other hand,
>> even if Google somehow gets compromised, that won't subvert my view of
>> the world so long as the ACLU remains honest.
>
> OK, so here's where I get to confess that I don't understand Stellar,
> and, worse, I don't know anyone who does.
>
> Is there an idiot's guide somewhere?

Well, there is a cartoon guide, but I don't actually think it will be
useful in this context:

        https://www.stellar.org/stories/adventures-in-galactic-consensus-chapter-1/

The canonical guide is of course the whitepaper, which is probably hard
to read:

        https://www.stellar.org/papers/stellar-consensus-protocol.pdf

Maybe the most accessible rendition right now is my Google tech talk:

        http://www.scs.stanford.edu/~dm/20160606-scp-talk.pdf
        https://www.youtube.com/watch?v=vmwnhZmEZjc&feature=youtu.be

> That said, the properties you claim are also trivially obtainable with
> a CT-like system, so I totally buy it can be done. But I don't see how
> this corresponds to the popular notion of "permissionless"? Not that I
> actually care, btw.

My understanding of CT may be out of date, but I thought CT was a
disjunctive system, as in any log can vouch for a certificate.  As I
envision Internet-level consensus, you could insist on, say, 7 out of 10
log authorities signing off something that guarantees publication of the
certificate.

> a) it seems utterly disconnected with the standard view of
> "permissionless", so I think real care is needed with the charter.

I think the term permissionless may just not be useful in this context,
because even though it has been used to describe systems related to
Internet-level consensus, there are other potential solutions that don't
fit the permissioned/permissionless binary model.

> b) whilst I think everyone should choose who they trust, in practice
> this is mostly totally unusable. The ability to do it is not a system
> problem: you have an answer in Stellar, I have one in CT/Trillian.
> Others exist, I am sure. The problem is usability. Who chooses the CAs
> you trust, for example? Not you (for most values of "you"), that's for
> sure.

Well, in my ideal world the browser vendors would ship some reasonable
default, but if I'm paranoid, I can add the ACLU and EFF, etc.  More
importantly, it should not be a pure disjunction where any CA can issue
any certificate, but rather should require some threshold.  Here we are
veering into CT 2.0 territory, because that's not how certificates
currently work, but there are other transparency applications that could
use such a threshold model from the start.

What consensus mechanism does Trillian plug into?  I had assumed
Trillian was what an individual authority would do, but I could probably
use some education about the bigger picture.

Thanks,
David