IETF Logo Mail Archive

Re: [perpass] Draft charter for a Transparency Working Group

Robin Wilton <wilton@isoc.org> Mon, 06 January 2014 17:20 UTC

Return-Path: <wilton@isoc.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FE0A1AE115 for <perpass@ietfa.amsl.com>; Mon, 6 Jan 2014 09:20:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oW8IbP1cdehE for <perpass@ietfa.amsl.com>; Mon, 6 Jan 2014 09:20:26 -0800 (PST)
Received: from smtp110.iad3a.emailsrvr.com (smtp110.iad3a.emailsrvr.com [173.203.187.110]) by ietfa.amsl.com (Postfix) with ESMTP id 17B431AE111 for <perpass@ietf.org>; Mon, 6 Jan 2014 09:20:25 -0800 (PST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp14.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 95C622B8086; Mon, 6 Jan 2014 12:20:16 -0500 (EST)
X-Virus-Scanned: OK
Received: by smtp14.relay.iad3a.emailsrvr.com (Authenticated sender: wilton-AT-isoc.org) with ESMTPSA id C3E8D2B80FF; Mon, 6 Jan 2014 12:20:15 -0500 (EST)
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/alternative; boundary="Apple-Mail=_682D8C24-8DA6-4737-B8A9-A27119A111EE"
From: Robin Wilton <wilton@isoc.org>
In-Reply-To: <CABrd9SQHq+AkvvJQ6-XuwmDyT8-662GeavcU47jFoYYN8v1CAg@mail.gmail.com>
Date: Mon, 06 Jan 2014 17:20:53 +0000
Message-Id: <A4181252-CA90-4593-9924-E1EEC91E983F@isoc.org>
References: <CABrd9STYF166vXEXNneJfPyfo5VG3LPKmzyZpAhvYnDTsy_U9g@mail.gmail.com> <52A8B1D0.2080304@dcrocker.net> <CABrd9SS9FGsm-waznAHeMr33XzprhRF=DXVjknyL-7bOyArAxg@mail.gmail.com> <CAMm+LwjNXpszKMqXr231Vti=pfwYn98Fgmuv1T5M__nhGmZHQw@mail.gmail.com> <CABrd9SSYnBRtecDSwUZUjvKJPLB+XX6Kk_9NHtQ=X-5jo4jGxQ@mail.gmail.com> <52A8E0E9.5020409@dcrocker.net> <CABrd9ST+CKNNHZ-jLd1=boeWUh-sjZf1WF5fmayCF7+DjnD65w@mail.gmail.com> <52A9E61C.8030300@bbn.com> <CABrd9SSMs0+73R9Ug3tnLGt-56sYz0XEzy1RGYy=Yx7KM4r--w@mail.gmail.com> <52C19300.3050201@bbn.com> <CABrd9SQHq+AkvvJQ6-XuwmDyT8-662GeavcU47jFoYYN8v1CAg@mail.gmail.com>
To: Ben Laurie <benl@google.com>
X-Mailer: Apple Mail (2.1283)
Cc: perpass <perpass@ietf.org>, Stephen Kent <kent@bbn.com>, saag <saag@ietf.org>
Subject: Re: [perpass] Draft charter for a Transparency Working Group
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jan 2014 17:20:28 -0000

Hi all -

A further suggestion inline. One motivation for my suggesting a change is that I am instinctively uneasy when the word "proof" crops up in this kind of context. I think what we're doing is providing the means to accrue evidence, on the basis of which someone can make an inference as to whether correct log behaviour has been recorded. 

R


On 6 Jan 2014, at 17:02, Ben Laurie wrote:

> On 30 December 2013 15:36, Stephen Kent <kent@bbn.com> wrote:
>> Ben,
>> 
>>> How's this?
>>> 
>>> [1] A cryptographically verifiable log is an append-only log of hashes
>>> of more-or-less anything that can prove its own correctness
>>> cryptographically.
>>> 
>>> For example, from RFC 6962: “The append-only property of each log is
>>> technically achieved using Merkle Trees, which can be used to show
>>> that any particular version of the log is a superset of any particular
>>> previous version. Likewise, Merkle Trees avoid the need to blindly
>>> trust logs: if a log attempts to show different things to different
>>> people, this can be efficiently detected by comparing tree roots and
>>> consistency proofs. Similarly, other misbehaviours of any log (e.g.,
>>> issuing signed timestamps for certificates they then don't log) can be
>>> efficiently detected and proved to the world at large.”
>>> 
>>> See RFC 6962,
>>> http://www.links.org/files/CertificateTransparencyVersion2.1a.pdf
>>> and http://www.links.org/files/RevocationTransparency.pdf for
>>> background.
>>> 
>> Sorry to be so late in responding; holidays ...
> 
> Likewise.
> 
>> The text describing how 6962 uses Merkle trees is good. I think the
>> phrase "prove its own correctness" is way too broad. The example
>> you cite shows how to demonstrate internal consistency for a log,
>> and to enable third parties to verify certain lob properties. That
>> is much narrower than what the term "correctness" implies.
> 
> How about, instead of "can prove its own correctness
> cryptographically", we say "allows efficient verification of
> behaviour"?

"A cryptographically verifiable log is an append-only log of hashes, structured in such a way as to provide efficiently-accessible, cryptographically-supported evidence of correct [log] behaviour". 

That way, you capture the following:

- use of hashing/cryptographic mechanisms to maintain the integrity of the evidence trail
- reference to the relevance of structure (Merkle trees)
- de-coupling of the evidence (signed records) from what it is that the evidence is intended to show (correct behaviour)

Hope this helps - 

Robin

> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass

v2.31.3 | Report a Bug | By Email | System Status