Re: [therightkey] Draft charter for a Transparency Working Group

Phillip Hallam-Baker <hallam@gmail.com> Wed, 11 December 2013 17:25 UTC

From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ben Laurie <benl@google.com>
Cc: "therightkey@ietf.org" <therightkey@ietf.org>

IRTF or IETF?

Do we build on existing legacy proposals or write new stuff?

I think there are two separate or at least separable pieces of
infrastructure needed. One is a transparent timestamp notary infrastructure
and the other is transparency mechanisms that make use of said notary
infrastructure.

The need to revisit the first comes from the expiry of the Haber &
Stornetta patents. I think we should have such a facility as a general Web
facility. We can build an infrastructure that prevents defection without
collusion by every notary and archive using existing technology.


Applying the mechanisms to TLS might be done at different levels with
different deployment impacts. Deploying in EE certs is much harder than
deploying in cert signing certs. But the latter would provide most of the
benefit by blocking MITM certs.

I am looking at SMTP and the approach is very obviously research at this
point.