Re: [therightkey] Draft charter for a Transparency Working Group

Phillip Hallam-Baker <hallam@gmail.com> Wed, 11 December 2013 21:43 UTC

In-Reply-To: <CABrd9SRhqCfH8GNu7Z-+_6ZSkRSyj7v+=qM+orYZLmJpsqq5OQ@mail.gmail.com>
References: <52A89F9F.70604@cs.tcd.ie> <10229F86C86EB444898E629583FD4171EDEAB12A@PACDCEXMB06.cable.comcast.com> <CABrd9SRhqCfH8GNu7Z-+_6ZSkRSyj7v+=qM+orYZLmJpsqq5OQ@mail.gmail.com>
Date: Wed, 11 Dec 2013 16:43:34 -0500
Message-ID: <CAMm+LwjL4Uq2rfbAd9f6a05tv6eJfC+qyT1GP2TqTQ6oG_+Rtg@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ben Laurie <benl@google.com>
Cc: "therightkey@ietf.org" <therightkey@ietf.org>, "Livingood, Jason" <Jason_Livingood@cable.comcast.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [therightkey] Draft charter for a Transparency Working Group

On Wed, Dec 11, 2013 at 1:29 PM, Ben Laurie <benl@google.com> wrote:

> On 11 December 2013 17:44, Livingood, Jason
> <Jason_Livingood@cable.comcast.com> wrote:
> > I totally understand the problem statement. But what concrete things can
> > you enumerate as goals/output of the WG?
>
> I already did enumerate the one current output: RFC 6962-bis.
>
> Other interesting targets include DNSSEC transparency, email-to-key
> mappings and binary transparency. All implicitly already in the
> charter.


I am currently working on an email scheme that is intended to consume such
a service.

The big difference as I see it is that with TLS we only have the
transparency issue to work on. In email we have a big functionality gap in
S/MIME which is the lack of a viable key discovery infrastructure. We have
plenty of proposals but nothing got done.


If we are going to do transparency in that sphere we should look at the two
problems together since any transparency infrastructure is potentially a
solution to the discovery problem.

If I can ask the transparency infrastructure if someone else has registered
a key for hallam@gmail.com to see if someone is impersonating me, then
someone who is trying to send me an email can ask the same infrastructure
what keys are registered for me.


The other big difference is in latency. Email is store and forward. The
issues that motivate putting transparency statements inside the certs in
SSL do not apply.



-- 
Website: http://hallambaker.com/