IETF Logo Mail Archive

Re: [therightkey] Draft charter for a Transparency Working Group

Paul Lambert <paul@marvell.com> Thu, 12 December 2013 01:32 UTC

Return-Path: <paul@marvell.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81B471AE032 for <therightkey@ietfa.amsl.com>; Wed, 11 Dec 2013 17:32:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.567
X-Spam-Level:
X-Spam-Status: No, score=-1.567 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OJF30czbiS1Z for <therightkey@ietfa.amsl.com>; Wed, 11 Dec 2013 17:32:32 -0800 (PST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by ietfa.amsl.com (Postfix) with ESMTP id 501951AE01F for <therightkey@ietf.org>; Wed, 11 Dec 2013 17:32:32 -0800 (PST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.14.5/8.14.5) with SMTP id rBC1WOxE030622; Wed, 11 Dec 2013 17:32:24 -0800
Received: from sc-owa.marvell.com ([199.233.58.135]) by mx0b-0016f401.pphosted.com with ESMTP id 1gpgd4jsaf-8 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 11 Dec 2013 17:32:24 -0800
Received: from SC-vEXCH2.marvell.com ([10.93.76.134]) by SC-OWA.marvell.com ([::1]) with mapi; Wed, 11 Dec 2013 17:32:19 -0800
From: Paul Lambert <paul@marvell.com>
To: Ben Laurie <benl@google.com>, "therightkey@ietf.org" <therightkey@ietf.org>
Date: Wed, 11 Dec 2013 17:32:18 -0800
Thread-Topic: [therightkey] Draft charter for a Transparency Working Group
Thread-Index: Ac722f8lZ9meEbpRT4WYLJeilxU/KA==
Message-ID: <CECE51D6.29F5B%paul@marvell.com>
References: <CABrd9SSzGJy18tf_iR5jFNk-sJyX66OPhmM4H23K5X2ZpWniyQ@mail.gmail.com>
In-Reply-To: <CABrd9SSzGJy18tf_iR5jFNk-sJyX66OPhmM4H23K5X2ZpWniyQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.9.131030
acceptlanguage: en-US
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.87, 1.0.14, 0.0.0000 definitions=2013-12-12_01:2013-12-11, 2013-12-12, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1312110158
Subject: Re: [therightkey] Draft charter for a Transparency Working Group
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Dec 2013 01:32:33 -0000

On 12/11/13, 8:55 AM, "Ben Laurie" <benl@google.com> wrote:

>Who's in?
Very cool concept Š very broad possible applications.
Less interested in HTTPS/TLS, but many applications.

Paul


>
>"Problem statement: many Internet protocols require a mapping between
>some kind of identifier and some kind of key, for example, HTTPS,
>SMTPS, IPSec, DNSSEC and OpenPGP.
>
>These protocols rely on either ad-hoc mappings, or on authorities
>which attest to the mappings.
>
>
>History shows that neither of these mechanisms is entirely
>satisfactory. Ad-hoc mappings are difficult to discover and maintain,
>and authorities make mistakes or are subverted.
>
>
>Cryptographically verifiable logs can help to ameliorate the problems
>by making it possible to discover and rectify errors before they can
>cause harm.
>
>
>These logs can also assist with other interesting problems, such as
>how to assure end users that software they are running is, indeed, the
>software they intend to run.
>
>
>Work items: Specify a standards-track mechanism to apply verifiable
>logs to HTTP/TLS (i.e. RFC 6962-bis).
>
>
>Discuss mechanisms and techniques that allow cryptographically
>verifiable logs to be deployed to improve the security of protocols
>and software distribution. Where such mechanisms appear sufficiently
>useful, the WG will re-charter to add relevant new work items."
>_______________________________________________
>therightkey mailing list
>therightkey@ietf.org
>https://www.ietf.org/mailman/listinfo/therightkey

v2.23.0 | Report a Bug | By Email