IETF Logo Mail Archive

Re: [perpass] Draft charter for a Transparency Working Group

Ben Laurie <benl@google.com> Mon, 06 January 2014 17:02 UTC

Return-Path: <benl@google.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3DAB1AE111 for <perpass@ietfa.amsl.com>; Mon, 6 Jan 2014 09:02:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.917
X-Spam-Level:
X-Spam-Status: No, score=-1.917 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SsD0SiKY4NKp for <perpass@ietfa.amsl.com>; Mon, 6 Jan 2014 09:02:23 -0800 (PST)
Received: from mail-vc0-x231.google.com (mail-vc0-x231.google.com [IPv6:2607:f8b0:400c:c03::231]) by ietfa.amsl.com (Postfix) with ESMTP id 2268B1AE100 for <perpass@ietf.org>; Mon, 6 Jan 2014 09:02:23 -0800 (PST)
Received: by mail-vc0-f177.google.com with SMTP id le5so1295621vcb.36 for <perpass@ietf.org>; Mon, 06 Jan 2014 09:02:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=BbPqWKvwWplYG8M5vOLkqxUwNweYjpIZsNhKr1FK0Uw=; b=b1j1TJGHf5MJxCuqnX9I//XoZHtHk9+z/fLh+lljOsCibNNGATxN8JUgpWpv8fqIFI 9haOZ1a/7TxK25u69IbMebH9ZNutB01idEqKGOHyUsQuP1PTv1BDA0gfNOpfYEI9a5wk g/shs2ragv5qG7xff/9rVrzkGLxVeBb9shmfrmizG3g2Wr8gKo233TH2wwhF4OwhN0xJ Y6KSvE+5HM+N5ew91Fglb+z1N8VjQOp2BmxkoB7OY97G56Os1c2Jjm1YlknDcS8K4/R5 UhAUAP/6SR14b24G2J9B+T/2fF8QIfxV3iJzHISl0pER6Q6HzrEx7lHK+g1LWMpwxwwG DrcQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=BbPqWKvwWplYG8M5vOLkqxUwNweYjpIZsNhKr1FK0Uw=; b=NvMF8z8NLj4m5LZT5SUuLNeMO0BoGnY1/D/1lSzlwdZOfzWszzAbRNv42qJqTzpqNg af7kh/UFJhxmECaMXC+GkWwYy7BN9PHGM9gkvboJf4XiTG5LL1Wu6qSh1ks2rqKZDLfD o+tikreuX1DrOcLdpYAAPJNAvZsEEkgSaFMeMXVuAy5Il/bsrgY5IKr4tB4zTCU2gO0Q kFyyl/CP8hYI3aCcma9j4MKghIWqTWqSa/uWm1SzWrs0AnCg7VL0nHeLN8ntjkZwGk0Y 0A4wZxb/gKZHMJwEaiiYXmSUjpQKNBuWeT9yqaS+nYPqdQ93wpUomDz7TtlOqhB+yWgY vZWw==
X-Gm-Message-State: ALoCoQnOGZ09WWNlOoTDf49UXQywSvxiFFN9cDi2lISKibGf8pCKq67VlZ2NJkupF9xSeF0cnBCUCV+CBlSNz32ih60g5Gi/yEFuALRIKjHibI6vffzys9wgNPM6y0FnKRTH7ojk2B+JKqnYiuKXZZPLKLS/FfVxzX3q2T1oLEW/Sb1mQzbymAm6b25eomFvTH/SHeu474MU
MIME-Version: 1.0
X-Received: by 10.52.33.178 with SMTP id s18mr3230491vdi.39.1389027734368; Mon, 06 Jan 2014 09:02:14 -0800 (PST)
Received: by 10.52.169.202 with HTTP; Mon, 6 Jan 2014 09:02:14 -0800 (PST)
In-Reply-To: <52C19300.3050201@bbn.com>
References: <CABrd9STYF166vXEXNneJfPyfo5VG3LPKmzyZpAhvYnDTsy_U9g@mail.gmail.com> <52A8B1D0.2080304@dcrocker.net> <CABrd9SS9FGsm-waznAHeMr33XzprhRF=DXVjknyL-7bOyArAxg@mail.gmail.com> <CAMm+LwjNXpszKMqXr231Vti=pfwYn98Fgmuv1T5M__nhGmZHQw@mail.gmail.com> <CABrd9SSYnBRtecDSwUZUjvKJPLB+XX6Kk_9NHtQ=X-5jo4jGxQ@mail.gmail.com> <52A8E0E9.5020409@dcrocker.net> <CABrd9ST+CKNNHZ-jLd1=boeWUh-sjZf1WF5fmayCF7+DjnD65w@mail.gmail.com> <52A9E61C.8030300@bbn.com> <CABrd9SSMs0+73R9Ug3tnLGt-56sYz0XEzy1RGYy=Yx7KM4r--w@mail.gmail.com> <52C19300.3050201@bbn.com>
Date: Mon, 06 Jan 2014 17:02:14 +0000
Message-ID: <CABrd9SQHq+AkvvJQ6-XuwmDyT8-662GeavcU47jFoYYN8v1CAg@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: perpass <perpass@ietf.org>, saag <saag@ietf.org>
Subject: Re: [perpass] Draft charter for a Transparency Working Group
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jan 2014 17:02:29 -0000

On 30 December 2013 15:36, Stephen Kent <kent@bbn.com> wrote:
> Ben,
>
>> How's this?
>>
>> [1] A cryptographically verifiable log is an append-only log of hashes
>> of more-or-less anything that can prove its own correctness
>> cryptographically.
>>
>> For example, from RFC 6962: “The append-only property of each log is
>> technically achieved using Merkle Trees, which can be used to show
>> that any particular version of the log is a superset of any particular
>> previous version. Likewise, Merkle Trees avoid the need to blindly
>> trust logs: if a log attempts to show different things to different
>> people, this can be efficiently detected by comparing tree roots and
>> consistency proofs. Similarly, other misbehaviours of any log (e.g.,
>> issuing signed timestamps for certificates they then don't log) can be
>> efficiently detected and proved to the world at large.”
>>
>> See RFC 6962,
>> http://www.links.org/files/CertificateTransparencyVersion2.1a.pdf
>> and http://www.links.org/files/RevocationTransparency.pdf for
>> background.
>>
> Sorry to be so late in responding; holidays ...

Likewise.

> The text describing how 6962 uses Merkle trees is good. I think the
> phrase "prove its own correctness" is way too broad. The example
> you cite shows how to demonstrate internal consistency for a log,
> and to enable third parties to verify certain lob properties. That
> is much narrower than what the term "correctness" implies.

How about, instead of "can prove its own correctness
cryptographically", we say "allows efficient verification of
behaviour"?

v2.31.3 | Report a Bug | By Email | System Status