Re: [therightkey] Draft charter for a Transparency Working Group

Ben Laurie <benl@google.com> Wed, 11 December 2013 18:23 UTC

Return-Path: <benl@google.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 443DF1ADFA7 for <therightkey@ietfa.amsl.com>; Wed, 11 Dec 2013 10:23:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.38
X-Spam-Level:
X-Spam-Status: No, score=-1.38 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ihjE9EqR7NUb for <therightkey@ietfa.amsl.com>; Wed, 11 Dec 2013 10:23:40 -0800 (PST)
Received: from mail-vb0-x233.google.com (mail-vb0-x233.google.com [IPv6:2607:f8b0:400c:c02::233]) by ietfa.amsl.com (Postfix) with ESMTP id 2F0AB1A1F66 for <therightkey@ietf.org>; Wed, 11 Dec 2013 10:23:39 -0800 (PST)
Received: by mail-vb0-f51.google.com with SMTP id 11so1870469vbe.24 for <therightkey@ietf.org>; Wed, 11 Dec 2013 10:23:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=ymi7Ax2OwGH4jGNXx6tOt6AKLEqppR8C4ihdVvdQBYo=; b=JsqQq+rA5zSKcUunnJvwbJtOwmuWnsxJRyVT3MRhPCjmHFHtIsYRSb8J+PEIckuTSw sN7/8VLvffjXIHxEiB7E3QH3+TgySl2zK2ohV7OB2nqYtjtByR4H97DEh1fbUCriwRg+ RYIcvstRfoNoPFUIpbGWMFp6WlCdsNzOXBuDnVaeNWDiMvfHRRiJAHSGZzf/aWRWCwAG lvtHa2mGwDMhtUpMJj7qyrSW5eUb0NUsWXfRVo/JEXjNUQHSKwK0BgZS6EySVFWozsJ4 mR152oqVSigA0CsTmpLUvJfvZfqrNa3B7MRWNlRoFEkKxxDxXNzhBleNOo4uVjLTSAum PKjQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=ymi7Ax2OwGH4jGNXx6tOt6AKLEqppR8C4ihdVvdQBYo=; b=UTC4GrjXTLpa8mZRAIMvHIaNbfmPfSgeP4P3IgFX2B+ojm55WBYuCBhnMu63U1uP4i gPmpI7cOfZ+yc+v/O2zIVczeVU81s9iBBVALUgajMxO68m8xiqsC0S3CpAb4aZuWi7Sa zHVOOrlV+bpQqw53576jw89HJhnxSIb1W269bl5Ggl0DZXtW8jqNRWRHbshNeX6Gei6g 5JnWCGPnTo9Wk/2hZwQmjXwjDvC6hHOaO0XkDgswwVQVBQWAHC2AUvtT/+RhR4E1fyei DMM67L1AhdMYRt8OBRO35G3sc3qpC/9iIHXujNDnhF8Oo7q1qrWvpD9BVJXSBffusk/5 jLrA==
X-Gm-Message-State: ALoCoQk5yIr7sER2G1WaoEyYEPh3WxW6NFN04EiAA5gXBLZocvuwzbCosgNab3Yd2837fjteM+xrjfiaS+1ferczJzT2MtvTg9CLHkAx7ykOmEMP/0CuXLQkLCok9EwSKtNJh8Tloi8MYnRrUiX6S5YQAn+2pX8nWmEuYrYY7BDR0yUUWoDHCNZ2hmEO/PGVBz8K6jBm7Yoj
MIME-Version: 1.0
X-Received: by 10.58.118.84 with SMTP id kk20mr1157254veb.26.1386786214270; Wed, 11 Dec 2013 10:23:34 -0800 (PST)
Received: by 10.52.183.65 with HTTP; Wed, 11 Dec 2013 10:23:34 -0800 (PST)
In-Reply-To: <CAMm+LwgzdivkiX-g+a4CBefTx=MCgMd17X1nM3x8R6fqt1bnnA@mail.gmail.com>
References: <CABrd9SSzGJy18tf_iR5jFNk-sJyX66OPhmM4H23K5X2ZpWniyQ@mail.gmail.com> <CAMm+LwgzdivkiX-g+a4CBefTx=MCgMd17X1nM3x8R6fqt1bnnA@mail.gmail.com>
Date: Wed, 11 Dec 2013 18:23:34 +0000
Message-ID: <CABrd9SS14WjMzRhVJNaqy4eaeMFisub0y2A=Dx9eHUone2BuTA@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "therightkey@ietf.org" <therightkey@ietf.org>
Subject: Re: [therightkey] Draft charter for a Transparency Working Group
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Dec 2013 18:23:41 -0000

On 11 December 2013 17:25, Phillip Hallam-Baker <hallam@gmail.com> wrote:
> IRTF or IETF?
>
> Do we build on existing legacy proposals or write new stuff?
>
> I think there are two separate or at least separable pieces of
> infrastructure needed. One is a transparent timestamp notary infrastructure
> and the other is transparency mechanisms that make use of said notary
> infrastructure.
>
> The need to revisit the first comes from the expiry of the Harber &
> Stornetta patents. I think we should have such a facility as a general Web
> facility. We can build an infrastructure that prevents defection without
> collusion by every notary and archive using existing technology.
>
>
> Applying the mechanisms to TLS might be done at different levels with
> different deployment impacts. Deploying in EE certs is much harder than
> deploying in cert signing certs. But the latter would provide most of the
> benefit by blocking MITM certs.
>
> I am looking at SMTP and the approach is very obviously research at this
> point.

I think this is well covered by "Discuss mechanisms and techniques
that allow cryptographically
verifiable logs to be deployed to improve the security of protocols
and software distribution. Where such mechanisms appear sufficiently
useful, the WG will re-charter to add relevant new work items."