Re: [openpgp] Timestamping

Peter Todd <pete@petertodd.org> Sat, 04 May 2013 18:51 UTC

Return-Path: <pete@petertodd.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F23321F9677 for <openpgp@ietfa.amsl.com>; Sat, 4 May 2013 11:51:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZG9c8CJt1fJU for <openpgp@ietfa.amsl.com>; Sat, 4 May 2013 11:51:07 -0700 (PDT)
Received: from outmail148111.authsmtp.net (outmail148111.authsmtp.net [62.13.148.111]) by ietfa.amsl.com (Postfix) with ESMTP id 71F0821F9675 for <openpgp@ietf.org>; Sat, 4 May 2013 11:51:07 -0700 (PDT)
Received: from mail-c233.authsmtp.com (mail-c233.authsmtp.com [62.13.128.233]) by punt8.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id r44Ip5eX083465; Sat, 4 May 2013 19:51:05 +0100 (BST)
Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r44IowbJ070049 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Sat, 4 May 2013 19:51:00 +0100 (BST)
Date: Sat, 4 May 2013 14:50:57 -0400
From: Peter Todd <pete@petertodd.org>
To: Ben Laurie <ben@links.org>
Message-ID: <20130504185057.GA27568@savin>
References: <20130503174015.GA4310@petertodd.org> <CAG5KPzyNQzg=hnR9X8PUGHGhhminQad4OhzjNFWCQx3zUQb1UQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="h31gzZEtNLTqOjlF"
Content-Disposition: inline
In-Reply-To: <CAG5KPzyNQzg=hnR9X8PUGHGhhminQad4OhzjNFWCQx3zUQb1UQ@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: 908c89b9-b4eb-11e2-a49c-0025907707a1
X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aAdMdgYUFVQNAgsB AmUbWl1eVVx7WWM7 bAxPbAVDY01GQQRq WVdMSlVNFUsqBRh4 WVlMKBl1dwVCcTB3 ZkBqEHlbVBdyfBR0 XxxQQD8bZGY1an1O VEkLagNUcgZDfhhC alcuVT1vNG8XDSUg EgkrMCgEdQleLSlO XggINVMUTi4I
X-Authentic-SMTP: 61633532353630.1021:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 76.10.178.109/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system.
Cc: openpgp@ietf.org
Subject: Re: [openpgp] Timestamping
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 May 2013 18:51:21 -0000

On Fri, May 03, 2013 at 08:06:43PM +0100, Ben Laurie wrote:
> You might be interested in Certificate Transparency:
> http://www.links.org/files/CertificateTransparencyVersion2.1a.pdf

I think I've read that paper before actually, or perhaps the EFF's
version, but yes, CA transparency schemes are interesting to me and I
think they too could benefit from timestamping as an additional source
of auditing.

Bitcoin in particular I find interesting because it's the first
trustworthy *decentralized* timestamping scheme to be created. Its
timestamps aren't particularly accurate - Bitcoin has a rule where every
node accepts blocks with a timestamp less than 2 hours ahead of what it
believes the time is - but they can be used in conjunction with other
centralized timestamping schemes to give the guarantee that if the
timestamp was faked, it was at least done so in the past!

Obviously the same guarantee is useful for CA auditing, but I'm probably
getting off-topic here...

-- 
'peter'[:-1]@petertodd.org
000000000000001e37401431b5d24c5f798773655e7fe23cc6bbe3a6a871e492