IETF Logo Mail Archive

Re: [therightkey] IESG eval of charter

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 22 January 2014 13:17 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56FFD1A00CD for <therightkey@ietfa.amsl.com>; Wed, 22 Jan 2014 05:17:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.435
X-Spam-Level:
X-Spam-Status: No, score=-2.435 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.535] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UuVwcS8ncIfM for <therightkey@ietfa.amsl.com>; Wed, 22 Jan 2014 05:17:15 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id EA2C51A00C7 for <therightkey@ietf.org>; Wed, 22 Jan 2014 05:17:14 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 447F3BE3E; Wed, 22 Jan 2014 13:17:14 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7kv2X+Q2tGcz; Wed, 22 Jan 2014 13:17:14 +0000 (GMT)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 1EA94BE38; Wed, 22 Jan 2014 13:17:14 +0000 (GMT)
Message-ID: <52DFC4D9.3020207@cs.tcd.ie>
Date: Wed, 22 Jan 2014 13:17:13 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Paul Lambert <paul@marvell.com>, "therightkey@ietf.org" <therightkey@ietf.org>
References: <52DEF8CB.1040608@cs.tcd.ie> <CF044407.2D04E%paul@marvell.com> <CF044DBD.2D077%paul@marvell.com>
In-Reply-To: <CF044DBD.2D077%paul@marvell.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Subject: Re: [therightkey] IESG eval of charter
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jan 2014 13:17:17 -0000

Thanks Paul,

I'll hold off on these changes for now as the IESG
are reading this for tomorrow's telechat but we can
look at them again after that. Be good to know if
folks on the list like the changes though. (But
let's not get into wordsmithing.)

Also - I added the following in response to another
comment:

"While the privacy issues related to use of RFC6962 for public
web sites are minimal, the working group will consider privacy
as it might impact on uses of CT e.g. within enterprises or
for other uses of logs."

That's at [1] now.

Cheers,
S.

[1] https://datatracker.ietf.org/doc/charter-ietf-trans/

On 01/22/2014 12:16 AM, Paul Lambert wrote:
> 
> 
> OHiya,
>>>
>>> Getting a number of comments [1] from IESG folks that
>>> the charter's not so easy to grasp for non CT-aware
>>> folks.
>>>
>>> My current try at fixing that at [2]. Please suggest
>>> any *necessary* changes by tomorrow if you can. (And
>>> in OLD/NEW format please, just to be nice to me:-)
>>
>> NEW is the first three paragraphs mostly a restructure for readability.
> 
> Ooops - new is the first 4 paragraphs ending at the ³These logs can Š²
> 
>>
>> Paul
>>
>> - - - - -
>>
>> Cryptographic logs provide a mechanism to publish a list of events that
>> can be verified for correct ordering and content.  The logs are
>> append-only and can be efficiently verified by the world at large for
>> correct log behavior.  Certificate Transparency (CT, RFC6962) logs the
>> issuance of X.509 certificates.  The CT log enables the detection of
>> mis-issued certificates providing validation of correct CA operation.  The
>> working group will produce a standards-track version of the experimental
>> CT RFC 6962 reflecting implementation and deployment experience since that
>> specification was completed.
>>
>> Many other Internet protocols besides X.509 map public keys to some kind
>> of identifier and would benefit from a verifiable log These possible
>> application of a cryptographic log include: SMTPS, IPSec, DNSSEC and
>> OpenPGP. 
>>
>> These protocols rely on either ad-hoc mappings, (as in a web of trust), or
>> on authorities (such as CAs) that attest to the mappings. History shows
>> that neither of these mechanisms is entirely satisfactory.  Ad-hoc
>> mappings are difficult to discover and maintain, and authorities make
>> mistakes or are subverted.  Cryptographically verifiable logs can be used
>> to support these and other protocols to maintain consistent and correct
>> mappings.  Errors or subversion of the mappings can be detected and
>> corrected to minimize any adverse impact.
>>
>> A cryptographically verifiable log is an append-only log of hashes.  The
>> hashes can represent more-or-less anything and serve as a unique identify
>> for any information object.  The log is structured to provide efficient
>> access and cryptographic evidence of correct log operation. The individual
>> hashes are linked together using Merkle Trees, which can be used to show
>> that any particular version of the log is a superset of any particular
>> previous version. Merkle Trees avoid the need to blindly trust logs: if a
>> log attempts to show different things to different people, this can be
>> efficiently detected by comparing tree roots and consistency proofs.
>> Similarly, other misbehaviors of any log (e.g., issuing signed timestamps
>> for certificates they then don't log) can be efficiently detected and
>> proved to the world at large.
>>
>> These logs can potentially also assist with other interesting problems,
>> such as how to assure end users that software they are running is, indeed,
>> the software they intend to run.
>>
>> Work items:  
>>
>> - Publish an update to RFC 6962 as a standards-track mechanism to apply
>> verifiable logs to HTTP over TLS.  As DANE (RFC6698) provides an
>> alternative keying infrastructure to that used in the current web PKI, the
>> working group should consider appropriate client behavior in the presence
>> of both DANE-based keying and current web PKI when standardising CT.
>>
>> - Discuss mechanisms and techniques that allow cryptographically
>> verifiable logs to be deployed to improve the security of protocols and
>> software distribution. Where such mechanisms appear sufficiently useful,
>> the WG will re-charter to add relevant new work items.  Should no such
>> items be chartered the WG will close when documents associated with the
>> first work item are complete.
>>
>>
>>
>>
>>
>>
>>
>>>
>>> Bear in mind that we're developing the charter text
>>> that will go to IETF review, so this need not be the
>>> final final thing, e.g. the final wordsmithing polish
>>> can be done later.
>>>
>>> Cheers,
>>> S.
>>>
>>> [1] https://datatracker.ietf.org/doc/charter-ietf-trans/ballot/
>>> [2] https://datatracker.ietf.org/doc/charter-ietf-trans/
>>> _______________________________________________
>>> therightkey mailing list
>>> therightkey@ietf.org
>>> https://www.ietf.org/mailman/listinfo/therightkey
>>
>> _______________________________________________
>> therightkey mailing list
>> therightkey@ietf.org
>> https://www.ietf.org/mailman/listinfo/therightkey
> 
> _______________________________________________
> therightkey mailing list
> therightkey@ietf.org
> https://www.ietf.org/mailman/listinfo/therightkey
> 
>

v2.8.7 | Report a Bug | By Email