IETF Logo Mail Archive

Re: [perpass] Draft charter for a Transparency Working Group

Phillip Hallam-Baker <hallam@gmail.com> Wed, 11 December 2013 21:50 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B5C61AE12D; Wed, 11 Dec 2013 13:50:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KlNblSQJCldC; Wed, 11 Dec 2013 13:50:15 -0800 (PST)
Received: from mail-we0-x22c.google.com (mail-we0-x22c.google.com [IPv6:2a00:1450:400c:c03::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 6D26B1AE11B; Wed, 11 Dec 2013 13:50:15 -0800 (PST)
Received: by mail-we0-f172.google.com with SMTP id w62so7213185wes.3 for <multiple recipients>; Wed, 11 Dec 2013 13:50:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=YdmJWSnNncl1loJeB6cYYWy3ycRbKGb3wgMVHc7zTSQ=; b=l5u3y8o3tMR/x32hBwc1tC7ZWp5JzF6/0GnxReCWqDdfxKS6VJez+uSb7d/ZxGyY7O BmI2tF9hgtIaJLEI792qJPo/qmRbnwpOzx0pllOVQ5YilByCE3zORvtlfIxazuL4/RfO cYG1fFBD0s99r+jun8jcI9AGFZCFazeOXFM+HHkBlbJi9F6by8hPAXyV9mNVgjM6WJ4w iFF1BEGKPUNtT3i6nazgK+79qB3JfoZ77xyb5xgExeDjF+8ic+xRHwFRy/GIQ0XreO9j uw5kSnSfTbCzGxiUoIFZH60zGACK3BDd/Yn3tIRLCuWMj0NVcvmjX7HKNraN7ZpVZWPg 1L7A==
MIME-Version: 1.0
X-Received: by 10.194.11.38 with SMTP id n6mr3357557wjb.25.1386798609207; Wed, 11 Dec 2013 13:50:09 -0800 (PST)
Received: by 10.194.243.136 with HTTP; Wed, 11 Dec 2013 13:50:08 -0800 (PST)
In-Reply-To: <CABrd9SS9FGsm-waznAHeMr33XzprhRF=DXVjknyL-7bOyArAxg@mail.gmail.com>
References: <CABrd9STYF166vXEXNneJfPyfo5VG3LPKmzyZpAhvYnDTsy_U9g@mail.gmail.com> <52A8B1D0.2080304@dcrocker.net> <CABrd9SS9FGsm-waznAHeMr33XzprhRF=DXVjknyL-7bOyArAxg@mail.gmail.com>
Date: Wed, 11 Dec 2013 16:50:08 -0500
Message-ID: <CAMm+LwjNXpszKMqXr231Vti=pfwYn98Fgmuv1T5M__nhGmZHQw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ben Laurie <benl@google.com>
Content-Type: multipart/alternative; boundary="047d7b5d57107a377504ed4936fc"
Cc: perpass <perpass@ietf.org>, Dave Crocker <dcrocker@bbiw.net>, "saag@ietf.org" <saag@ietf.org>
Subject: Re: [perpass] Draft charter for a Transparency Working Group
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Dec 2013 21:50:17 -0000

On Wed, Dec 11, 2013 at 1:52 PM, Ben Laurie <benl@google.com> wrote:

> On 11 December 2013 18:41, Dave Crocker <dhc@dcrocker.net> wrote:
> > On 12/11/2013 10:32 AM, Ben Laurie wrote:
> >>
> >> http://www.ietf.org/mail-archive/web/therightkey/current/msg00680.html
> >
> >
> >
> > The text isn't a draft charter.  It's a very generic statement of an
> idea.
> > Formulating that into the detail an actual charter will be helpful.
> >
> > The text needs to give some explanation of what is being proposed,
> beyond a
> > highly cryptic label like "Cryptographically verifiable logs".  A term
> like
> > that could mean many things and from the message, I can't tell what is
> > meant.
> >
> > The text needs to explain what sort of usage scenario is expected, with
> > enough detail to make the scenario substantive.  That permits the reader
> to
> > get a sense of basic/likely relevance to operational environments.
>
> Am I allowed to refer to RFC 6962 for background?
>
> Reiterating what's in there doesn't seem useful.


Well how far do we want the group to be allowed to stray from RFC 6962?

One approach would be to divide the problem up into two parts:

* An append only log that provides a cryptographic assurance of integrity
that is independent of the trustworthiness of the log maintainer from the
time of the last checkpoint.

* Application of the above to the specific use cases

Initial use cases that the WG agreed to deliver might be

* PKIX certificate signing certificates
* PKIX TLS end entity certificates

Use cases that are in scope but without a delivery undertaking might be
OpenPGP, S/MIME, etc.




-- 
Website: http://hallambaker.com/

v2.31.3 | Report a Bug | By Email | System Status