IETF Logo Mail Archive

Re: [therightkey] Revised Draft Charter for Transparency WG

Ben Laurie <benl@google.com> Tue, 07 January 2014 16:51 UTC

Return-Path: <benl@google.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 925C21AE04E for <therightkey@ietfa.amsl.com>; Tue, 7 Jan 2014 08:51:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.917
X-Spam-Level:
X-Spam-Status: No, score=-1.917 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ndz7Bs5OnIDw for <therightkey@ietfa.amsl.com>; Tue, 7 Jan 2014 08:51:51 -0800 (PST)
Received: from mail-vb0-x236.google.com (mail-vb0-x236.google.com [IPv6:2607:f8b0:400c:c02::236]) by ietfa.amsl.com (Postfix) with ESMTP id C2AD61AE04D for <therightkey@ietf.org>; Tue, 7 Jan 2014 08:51:50 -0800 (PST)
Received: by mail-vb0-f54.google.com with SMTP id g10so293275vbg.13 for <therightkey@ietf.org>; Tue, 07 Jan 2014 08:51:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=zp5FNZHHTupK76tuvls1ruY+7+jtULPpypGwnssQN60=; b=Vg+2WfoDxJtU+8xH7ssjt7/7Ns5Br9MwgL7tNh1w38uPssyo8j5QPEjf6nF4GP9lWi FTL0ZZTZ5Dok5vnP49+eaOsbXsmwd/HQGaRPHQIyhKy4V7N3WG8bwSliLLsYZYgWfWK2 Gbyjp0Z1wDfV1vdkP7Ozqtc1pP1skWk0m01dHSWaXcrXVJUteUKsD3xsQS6mYEhaaGE5 W6ITcZjCu/8KqazwzfPpx/QYQR8yvbQfuTNTQi7KlTzofPIZDAfWVytOZ9KEJIe3yPsf BKLFxixuXv7CvxCX3lbnMkraJA9X0AjxNxeTuXm1UdeG5IzloazEI/d+in1NhzNstL7v 4wXg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=zp5FNZHHTupK76tuvls1ruY+7+jtULPpypGwnssQN60=; b=BsNI7c6/zi75q/yj5KVyXUZeVcR/qRjsK7rAPETcJ/BlPhdfexFlP9hdfZBHAs0YDF SZnvvyC86xNJz9j4URESavijEVY8zmVwQd+GV2+DLEYWOqwtuYw2vgZ6W/KpiPWRZWKG TocBAh32Il+jIwgrOkvMZylRLZFkKA6DHwtvPhV2aFjdteH3CqtV87PGAlneLAAKYagp Fbb5kqJXHpTC+im1XVWqV0e11pk9oDfqismsUFXafEzVADb6QWp+O9CLiyM988I9KWhL CJUlWeo1YfiDtHu1cAMVc8k3ObmDqK4iDl/tUy6ODUu9Of90243SAU1Ankf8EbBMUcI8 K7EQ==
X-Gm-Message-State: ALoCoQlh6gC+IWs8MXwYeIjfN9GQ8dg2V0ofBILMVY/QQ8AnS7bQ16ukwEmIUy90bFLNQSmp2A0hZNWTf3infxnNAEeCb+5jNxdYAitnICx/6sXEsoK1uTSRhCOZ6JCD1USFd7Ubny0Y7HK+74lR9TU3LVebXJCumAermkDUXCaqnlcs5qMg5oloOexV1NYdfEO3yzxY2JRN
MIME-Version: 1.0
X-Received: by 10.58.85.133 with SMTP id h5mr9351235vez.4.1389113501553; Tue, 07 Jan 2014 08:51:41 -0800 (PST)
Received: by 10.52.169.202 with HTTP; Tue, 7 Jan 2014 08:51:41 -0800 (PST)
In-Reply-To: <C3D78338-B351-42C3-841F-BC46075AFC80@vpnc.org>
References: <CABrd9SSRGzC1gnAm+6Wy2w3FamSgvFK09cHqPXAqH7Ky-n8wtQ@mail.gmail.com> <C3D78338-B351-42C3-841F-BC46075AFC80@vpnc.org>
Date: Tue, 7 Jan 2014 16:51:41 +0000
Message-ID: <CABrd9SR3PO8X3EoDKWqNOh=iZOeaerx6JeVzXg4m46VLeNBTnA@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: "therightkey@ietf.org" <therightkey@ietf.org>
Subject: Re: [therightkey] Revised Draft Charter for Transparency WG
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jan 2014 16:51:52 -0000

On 7 January 2014 16:35, Paul Hoffman <paul.hoffman@vpnc.org> wrote:
> I support the formation of this WG with basically this charter. However, having footnote in a charter make it harder to read. Having URLs that are not somewhat guaranteed to be available forever (such as those run by the IETF) make the charter unstable. A proposed editorial-only cleanup:
>
> Problem statement:
>
> Many Internet protocols require a mapping between some kind of identifier and some kind of
> key, for example, HTTPS, SMTPS, IPSec, DNSSEC and OpenPGP.
>
> These protocols rely on either ad-hoc mappings, or on authorities which attest to the
> mappings.
>
> History shows that neither of these mechanisms is entirely satisfactory. Ad-hoc mappings are
> difficult to discover and maintain, and authorities make mistakes or are subverted.
>
> Cryptographically verifiable logs can help to ameliorate the problems by making it possible
> to discover and rectify errors before they can cause harm. A cryptographically verifiable
> log is an append-only log of hashes of more-or-less anything that  is structured in such a
> way as to provide efficiently-accessible, cryptographically-supported evidence of correct
> log behaviour. For example, RFC 6962 says: "The append-only property of each log is
> technically achieved using Merkle Trees, which can be used to show that any particular
> version of the log is a superset of any particular previous version. Likewise, Merkle Trees
> avoid the need to blindly trust logs: if a log attempts to show different things to
> different people, this can be efficiently detected by comparing tree roots and consistency
> proofs. Similarly, other misbehaviors of any log (e.g., issuing signed timestamps for
> certificates they then don't log) can be efficiently detected and proved to the world at
> large."
>
> These logs can also assist with other interesting problems, such as how to assure end users
> that software they are running is, indeed, the software they intend to run.
>
> Work items:
>
> - Publish an update to RFC 6962 as a standards-track mechanism to apply verifiable logs to
> HTTP over TLS.
>
> - Discuss mechanisms and techniques that allow cryptographically verifiable logs to be
> deployed to improve the security of protocols and software distribution. Where such
> mechanisms appear sufficiently useful, the WG will re-charter to add relevant new work items.

OK with me.

Thanks.

v2.8.7 | Report a Bug | By Email