Re: [therightkey] Revised Draft Charter for Transparency WG
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 21 January 2014 00:35 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com
(Postfix) with ESMTP id 597C71A0280 for <therightkey@ietfa.amsl.com>;
Mon, 20 Jan 2014 16:35:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.435
X-Spam-Level:
X-Spam-Status: No,
score=-2.435 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,
RP_MATCHES_RCVD=-0.535] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b-yxhOd5bzvZ for
<therightkey@ietfa.amsl.com>; Mon, 20 Jan 2014 16:35:13 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by
ietfa.amsl.com (Postfix) with ESMTP id 9F3CE1A027C for <therightkey@ietf.org>;
Mon, 20 Jan 2014 16:35:13 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie
(Postfix) with ESMTP id CCA88BE33 for <therightkey@ietf.org>;
Tue, 21 Jan 2014 00:35:12 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost
(mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id
v9JM3UXhdWmL for <therightkey@ietf.org>; Tue, 21 Jan 2014 00:35:11 +0000 (GMT)
Received: from [10.87.48.3] (unknown [86.45.53.241]) by mercury.scss.tcd.ie
(Postfix) with ESMTPSA id 1DF83BE2F for <therightkey@ietf.org>;
Tue, 21 Jan 2014 00:35:11 +0000 (GMT)
Message-ID: <52DDC0BE.4070506@cs.tcd.ie>
Date: Tue, 21 Jan 2014 00:35:10 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: "therightkey@ietf.org" <therightkey@ietf.org>
References: <CABrd9SSRGzC1gnAm+6Wy2w3FamSgvFK09cHqPXAqH7Ky-n8wtQ@mail.gmail.com>
<C3D78338-B351-42C3-841F-BC46075AFC80@vpnc.org> <52D57BC7.1050905@cs.tcd.ie>
<52D5C469.7090209@cs.tcd.ie>
In-Reply-To: <52D5C469.7090209@cs.tcd.ie>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [therightkey] Revised Draft Charter for Transparency WG
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>,
<mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>,
<mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2014 00:35:17 -0000
Collected suggestions, in order sent to me: 1. Append-only Transparency Logs (trans) 2. PUblic Notary Transparency (punt) 3. Public Key Transparency (trans) 4. Transparency for public key binding (trans) 5. warnlog 6. canarielog 7. whistle-ledger 8. detection-ledger My order or preference would be #3, then #2, then #1 and otherwise don't care. If nobody objects (Do you really want to object? Is it important really? :-) I'll let the IESG pick one of those with that suggested ordering. Cheers, S. On 01/14/2014 11:12 PM, Stephen Farrell wrote: > > First and predictable comment: "Transparency WG" is too generic. > > Best crappy suggestion I have is "Append-only Transparency Logs" > but to keep the trans abbreviation. > > Better suggestions welcome. (Again offlist is fine since its > mostly bikeshedding about which we only care just enough to > irritate ourselves;-) > > S. > > On 01/14/2014 06:02 PM, Stephen Farrell wrote: >> >> Thanks Ben, Paul. >> >> I've kicked off the chartering process. [1] >> >> All going smoothly (which it doesn't always;-) this >> could be a WG at IETF-89. >> >> I've put in a placeholder BoF request so a slot is >> assigned for that when we schedule the meeting. >> (That's [2] which you can ignore unless someone >> asks why its there.) >> >> Cheers, >> S. >> >> [1] https://datatracker.ietf.org/doc/charter-ietf-trans/ >> [2] https://trac.tools.ietf.org/bof/trac/wiki/WikiStart#Security >> >> >> On 01/07/2014 04:35 PM, Paul Hoffman wrote: >>> I support the formation of this WG with basically this charter. However, having footnote in a charter make it harder to read. Having URLs that are not somewhat guaranteed to be available forever (such as those run by the IETF) make the charter unstable. A proposed editorial-only cleanup: >>> >>> Problem statement: >>> >>> Many Internet protocols require a mapping between some kind of identifier and some kind of >>> key, for example, HTTPS, SMTPS, IPSec, DNSSEC and OpenPGP. >>> >>> These protocols rely on either ad-hoc mappings, or on authorities which attest to the >>> mappings. >>> >>> History shows that neither of these mechanisms is entirely satisfactory. Ad-hoc mappings are >>> difficult to discover and maintain, and authorities make mistakes or are subverted. >>> >>> Cryptographically verifiable logs can help to ameliorate the problems by making it possible >>> to discover and rectify errors before they can cause harm. A cryptographically verifiable >>> log is an append-only log of hashes of more-or-less anything that is structured in such a >>> way as to provide efficiently-accessible, cryptographically-supported evidence of correct >>> log behaviour. For example, RFC 6962 says: "The append-only property of each log is >>> technically achieved using Merkle Trees, which can be used to show that any particular >>> version of the log is a superset of any particular previous version. Likewise, Merkle Trees >>> avoid the need to blindly trust logs: if a log attempts to show different things to >>> different people, this can be efficiently detected by comparing tree roots and consistency >>> proofs. Similarly, other misbehaviors of any log (e.g., issuing signed timestamps for >>> certificates they then don't log) can be efficiently detected and proved to the world at >>> large." >>> >>> These logs can also assist with other interesting problems, such as how to assure end users >>> that software they are running is, indeed, the software they intend to run. >>> >>> Work items: >>> >>> - Publish an update to RFC 6962 as a standards-track mechanism to apply verifiable logs to >>> HTTP over TLS. >>> >>> - Discuss mechanisms and techniques that allow cryptographically verifiable logs to be >>> deployed to improve the security of protocols and software distribution. Where such >>> mechanisms appear sufficiently useful, the WG will re-charter to add relevant new work items. >>> >>> _______________________________________________ >>> therightkey mailing list >>> therightkey@ietf.org >>> https://www.ietf.org/mailman/listinfo/therightkey >>> >>> >> _______________________________________________ >> therightkey mailing list >> therightkey@ietf.org >> https://www.ietf.org/mailman/listinfo/therightkey >> >> > _______________________________________________ > therightkey mailing list > therightkey@ietf.org > https://www.ietf.org/mailman/listinfo/therightkey > >
- [therightkey] Revised Draft Charter for Transpare… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Paul Hoffman
- Re: [therightkey] Revised Draft Charter for Trans… Tim Moses
- Re: [therightkey] Revised Draft Charter for Trans… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Tim Moses
- Re: [therightkey] Revised Draft Charter for Trans… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Tim Moses
- Re: [therightkey] Revised Draft Charter for Trans… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Stephen Farrell
- Re: [therightkey] Revised Draft Charter for Trans… Stephen Farrell
- Re: [therightkey] Revised Draft Charter for Trans… Stephen Farrell
- Re: [therightkey] Revised Draft Charter for Trans… Phillip Hallam-Baker