IETF Logo Mail Archive

Re: [therightkey] Draft charter for a Transparency Working Group

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 11 December 2013 17:23 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FB8F1ACB4E for <therightkey@ietfa.amsl.com>; Wed, 11 Dec 2013 09:23:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2icu0FTJBFMA for <therightkey@ietfa.amsl.com>; Wed, 11 Dec 2013 09:23:51 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id A47E21ADF12 for <therightkey@ietf.org>; Wed, 11 Dec 2013 09:23:50 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 59978BE9A; Wed, 11 Dec 2013 17:23:44 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z1M612Hc9to9; Wed, 11 Dec 2013 17:23:44 +0000 (GMT)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id DB367BE79; Wed, 11 Dec 2013 17:23:43 +0000 (GMT)
Message-ID: <52A89F9F.70604@cs.tcd.ie>
Date: Wed, 11 Dec 2013 17:23:43 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.1
MIME-Version: 1.0
To: Ben Laurie <benl@google.com>, "therightkey@ietf.org" <therightkey@ietf.org>
References: <CABrd9SSzGJy18tf_iR5jFNk-sJyX66OPhmM4H23K5X2ZpWniyQ@mail.gmail.com>
In-Reply-To: <CABrd9SSzGJy18tf_iR5jFNk-sJyX66OPhmM4H23K5X2ZpWniyQ@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [therightkey] Draft charter for a Transparency Working Group
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Dec 2013 17:23:54 -0000

Thanks Ben,

So folks know what we're thinking and in case all the
process gibberish isn't clear to you all...

Sean and I like the idea of doing this, and the more that
it seems to get broader support, the more we'll like it.

Since there was already a BoF on this back at IETF-85 [1]
that concluded this was work that's relevant to do in
the IETF, we're thinking that if a crisp enough charter
can be crafted on this list then this wouldn't need another
BoF but would be ok to just be pushed into the IESG/IETF
approval process.

What that means is that when Sean and I think we have a
good enough charter draft, then we'll put that into the
datatracker and the IESG will do an IESG-internal review
to decide if its ready to be sent out for IETF review.
If/when the IESG are ok with that going for IETF-wide
review then a mail will go to the IETF discuss list so's
anyone can comment on the proposed new WG. Then the IESG
get to look at it again, and any comments we've gotten,
and approve the new WG or not. Charter text tweaks can
be expected at each stage.

All going well, that could result in a new WG for this
being formed early in the new year, before IETF-89
with the WG having a first f2f meeting there presumably.

So please comment on Ben's text and the above with that
in mind. I assume Ben will hold the pen on draft charter
text and update that as comments are received.

And please use this list for now, since this is the
one we used for RFC 6962 so probably has the right
people. When/if we form a WG we can make a new list
or use this one if folks prefer that.

Thanks,
S.

[1] http://www.ietf.org/proceedings/85/certrans.html

On 12/11/2013 04:55 PM, Ben Laurie wrote:
> Who's in?
> 
> "Problem statement: many Internet protocols require a mapping between
> some kind of identifier and some kind of key, for example, HTTPS,
> SMTPS, IPSec, DNSSEC and OpenPGP.
> 
> These protocols rely on either ad-hoc mappings, or on authorities
> which attest to the mappings.
> 
> 
> History shows that neither of these mechanisms is entirely
> satisfactory. Ad-hoc mappings are difficult to discover and maintain,
> and authorities make mistakes or are subverted.
> 
> 
> Cryptographically verifiable logs can help to ameliorate the problems
> by making it possible to discover and rectify errors before they can
> cause harm.
> 
> 
> These logs can also assist with other interesting problems, such as
> how to assure end users that software they are running is, indeed, the
> software they intend to run.
> 
> 
> Work items: Specify a standards-track mechanism to apply verifiable
> logs to HTTP/TLS (i.e. RFC 6962-bis).
> 
> 
> Discuss mechanisms and techniques that allow cryptographically
> verifiable logs to be deployed to improve the security of protocols
> and software distribution. Where such mechanisms appear sufficiently
> useful, the WG will re-charter to add relevant new work items."
> _______________________________________________
> therightkey mailing list
> therightkey@ietf.org
> https://www.ietf.org/mailman/listinfo/therightkey
> 
>

v2.23.0 | Report a Bug | By Email