Re: [therightkey] Draft charter for a Transparency Working Group

Ben Laurie <benl@google.com> Sat, 14 December 2013 12:41 UTC

Return-Path: <benl@google.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36B971AC441 for <therightkey@ietfa.amsl.com>; Sat, 14 Dec 2013 04:41:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.38
X-Spam-Level:
X-Spam-Status: No, score=-1.38 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qpCQ9deb76Cu for <therightkey@ietfa.amsl.com>; Sat, 14 Dec 2013 04:41:11 -0800 (PST)
Received: from mail-vb0-x230.google.com (mail-vb0-x230.google.com [IPv6:2607:f8b0:400c:c02::230]) by ietfa.amsl.com (Postfix) with ESMTP id 667BD1ADFB5 for <therightkey@ietf.org>; Sat, 14 Dec 2013 04:40:01 -0800 (PST)
Received: by mail-vb0-f48.google.com with SMTP id f13so2028721vbg.35 for <therightkey@ietf.org>; Sat, 14 Dec 2013 04:39:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=JFlcUvqr1apprZY8Rl7Anjg8zFxbvN5l837t63dt0yM=; b=c+6IA0XoMd3bJbXz6Px9AqkiIiworKOjVq/o+sjrxhltd9+tgr5QideoQZIDOgJyCQ r2RK/iAm2Xq54IfgzG1JbkemfOvBaGl9y/jQkPQuwpFTdlXzMqtRsIfz/oqRRIYUv4Vj RdljygxMjgJBrq86KX3uUdn37+Q/pzzyABrnyozbGVKN5eEwrjaXDzvzHimXK0JeBeJR ShK3t0iOFtHh0KwDAK+TQAXxg3wfiKF8vnnSRCKYfis1+KyFg8wWEOZjFIouu6bvb4tT FOAgM7850C8DCP4pN2sYQY/Zv9Yj9kMyjCQfYgEESI7XrDgGj3VomL4sD2Bftw8ZbUI+ mqeg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=JFlcUvqr1apprZY8Rl7Anjg8zFxbvN5l837t63dt0yM=; b=Qa6XIFyrQYhCpKQmDmasw4vKY3P1r+Iqr6sruyTfB89Kz2B+9gT421EhtjUlc0XDIK hxQTIWIRASB8u66fIQ6XQINaYOwQzSnAZqgvZUTf09uFTeurMuqxai3nR6qK/yFVBRDB rN6cv76V2xm06i5rkdoFuV5WgV3pfSSq0e4DB9431xK+g/GAJMFfi+kUoK+fs7dH+nZW Rweujm2nZzkozjv42xSrRFjpsNoiB75Snrl2IWUvbslC4kFb+fpg85cnUeR7N/CfeJ5p v3/tkza2sw7INgDl9zAgNGtAM+ch4b9YvsyeySohMsyDlgujA6Jt8avXLn8/dFtyor0h ruZQ==
X-Gm-Message-State: ALoCoQm/5/2I67DOq9unr61gReyzJuigoFup32Skr9d7dpmFI/g9bRVKNRxOPXRLMVmpwdb5Pe2zSINyF/f2W0MULmJ8DrfH0Z0jeeoieDrGVJHoMAy3diZGn/sINBV0ltCKx9whDiPAfYxFJ+l01ViqOOSvNU2OE97UVfe3w5ZBChhme3NAL8cEPTWYZI2czoNy9bXDrPq3
MIME-Version: 1.0
X-Received: by 10.52.229.39 with SMTP id sn7mr2505907vdc.2.1387024794387; Sat, 14 Dec 2013 04:39:54 -0800 (PST)
Received: by 10.52.183.65 with HTTP; Sat, 14 Dec 2013 04:39:54 -0800 (PST)
In-Reply-To: <52AC3C39.3010306@net.in.tum.de>
References: <CABrd9SSzGJy18tf_iR5jFNk-sJyX66OPhmM4H23K5X2ZpWniyQ@mail.gmail.com> <52AC3C39.3010306@net.in.tum.de>
Date: Sat, 14 Dec 2013 12:39:54 +0000
Message-ID: <CABrd9SQ922KSq_D7v0_+smrq20fGiRVR+ytS0EQMJzx0NhY29g@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Ralph Holz <holz@net.in.tum.de>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "therightkey@ietf.org" <therightkey@ietf.org>
Subject: Re: [therightkey] Draft charter for a Transparency Working Group
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Dec 2013 12:41:12 -0000

On 14 December 2013 11:08, Ralph Holz <holz@net.in.tum.de> wrote:
> On 12/11/2013 05:55 PM, Ben Laurie wrote:
>> Who's in?
>
> I'd like to be part of it.
>
>> Cryptographically verifiable logs can help to ameliorate the problems
>> by making it possible to discover and rectify errors before they can
>> cause harm.
>
> Correct me if I am wrong, but the following comes to mind. I'd probably
> say "too much harm" or "significant harm": the public log concept allows
> for a short time window for successful attack.

That's not actually generally true. There's really a spectrum where
"responsive log/immediate availability of certs (or whatever)" as at
one end and "slow log/certs delayed until everyone's happy" is at the
other.

The original CT proposal delayed cert issuance to reduce the window.
CAs didn't like it. So, we exchanged more attack window for happier
CAs. That's a needle we might want to move over time.

> Much depends on the
> number of logs a CA pushes their certs to, and how many monitors watch
> these logs for suspicious changes. I am less concerned about the
> consistency proofs and audit paths here, and more about what monitors
> actually do. I.e., deployment issues.
>
>> Work items: Specify a standards-track mechanism to apply verifiable
>> logs to HTTP/TLS (i.e. RFC 6962-bis).
>
> One thing that I was wondering about is whether the work can be taken
> further at some point to include that mechanism from Sovereign Keys that
> allows to give, say, an alternate Tor routing (or hidden service), for a
> given domain, in order to avoid censorship. I'd agree that's not a
> primary topic for CT, but a worthwhile goal to keep in mind for later.

In the Revocation Transparency paper, we describe two mechanisms that
could be sued to remove the trusted components from Sovereign Keys. So
... yes.