Re: [therightkey] Revised Draft Charter for Transparency WG
Phillip Hallam-Baker <hallam@gmail.com> Tue, 21 January 2014 01:19 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com
(Postfix) with ESMTP id 0EF6B1A0002 for <therightkey@ietfa.amsl.com>;
Mon, 20 Jan 2014 17:19:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No,
score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,
DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001,
HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gwHVeaQoTSLI for
<therightkey@ietfa.amsl.com>; Mon, 20 Jan 2014 17:19:47 -0800 (PST)
Received: from mail-lb0-x232.google.com (mail-lb0-x232.google.com
[IPv6:2a00:1450:4010:c04::232]) by ietfa.amsl.com (Postfix) with ESMTP id
7BF261A0216 for <therightkey@ietf.org>; Mon, 20 Jan 2014 17:19:46 -0800 (PST)
Received: by mail-lb0-f178.google.com with SMTP id u14so5395308lbd.23 for
<therightkey@ietf.org>; Mon, 20 Jan 2014 17:19:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:cc:content-type; bh=9/M13uIB5Av1UBhLVOwZkqgvIJfg7SU/ad+XpjXxaTY=;
b=ylZ6WnXokjd2hlurTda4F/5zDsrBMu8L3SvXptINVFoJKUwWTWuAGXWUY7dwrl21S6
w8NYeMwUAkZw9MiqvJP+wOMXvfQgHH3H0l+x3pXo6yv6RIY+bS7E112Cp0/vVuKHmK82
zLzYnEQsEaC307IPXtaHQ5bxRlXdqbqH698wGBB8ZgXGwEgMU9utIBcYBY2x4/N1NlN7
2ZtQM5IrroPyuaLSJdehFBN22yWSAjKV/teW5bItT4i3AsCrIukBXY8W0bRFEG6fgK4m
zwgEbTb+utjep6p6AWjfMEBhbSI+LA1cFi5ikYHm3qXrkFuK8GYwJr10JSeQnRH2XMhe W1cQ==
MIME-Version: 1.0
X-Received: by 10.152.44.133 with SMTP id e5mr218039lam.37.1390267185799;
Mon, 20 Jan 2014 17:19:45 -0800 (PST)
Received: by 10.112.37.172 with HTTP; Mon, 20 Jan 2014 17:19:45 -0800 (PST)
In-Reply-To: <52DDC0BE.4070506@cs.tcd.ie>
References: <CABrd9SSRGzC1gnAm+6Wy2w3FamSgvFK09cHqPXAqH7Ky-n8wtQ@mail.gmail.com>
<C3D78338-B351-42C3-841F-BC46075AFC80@vpnc.org> <52D57BC7.1050905@cs.tcd.ie>
<52D5C469.7090209@cs.tcd.ie> <52DDC0BE.4070506@cs.tcd.ie>
Date: Mon, 20 Jan 2014 20:19:45 -0500
Message-ID: <CAMm+Lwi4DZpr3vDQf0_773Rvzrjd_bq4+rt7++9u9BiipSV10w@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary=089e0160a478c0a6d304f070cdf3
Cc: "therightkey@ietf.org" <therightkey@ietf.org>
Subject: Re: [therightkey] Revised Draft Charter for Transparency WG
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>,
<mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>,
<mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2014 01:19:50 -0000
Why limit it to public keys? Security Policy statements can be notarized in the same manner and this has real benefits. Trust Infrastructure Transparency or Transparent Infrastructure for Trust TIT either way. On Mon, Jan 20, 2014 at 7:35 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie>wrote;wrote: > > Collected suggestions, in order sent to me: > > 1. Append-only Transparency Logs (trans) > 2. PUblic Notary Transparency (punt) > 3. Public Key Transparency (trans) > 4. Transparency for public key binding (trans) > 5. warnlog > 6. canarielog > 7. whistle-ledger > 8. detection-ledger > > My order or preference would be #3, then #2, then #1 and > otherwise don't care. > > If nobody objects (Do you really want to object? Is it > important really? :-) I'll let the IESG pick one of those > with that suggested ordering. > > Cheers, > S. > > On 01/14/2014 11:12 PM, Stephen Farrell wrote: > > > > First and predictable comment: "Transparency WG" is too generic. > > > > Best crappy suggestion I have is "Append-only Transparency Logs" > > but to keep the trans abbreviation. > > > > Better suggestions welcome. (Again offlist is fine since its > > mostly bikeshedding about which we only care just enough to > > irritate ourselves;-) > > > > S. > > > > On 01/14/2014 06:02 PM, Stephen Farrell wrote: > >> > >> Thanks Ben, Paul. > >> > >> I've kicked off the chartering process. [1] > >> > >> All going smoothly (which it doesn't always;-) this > >> could be a WG at IETF-89. > >> > >> I've put in a placeholder BoF request so a slot is > >> assigned for that when we schedule the meeting. > >> (That's [2] which you can ignore unless someone > >> asks why its there.) > >> > >> Cheers, > >> S. > >> > >> [1] https://datatracker.ietf.org/doc/charter-ietf-trans/ > >> [2] https://trac.tools.ietf.org/bof/trac/wiki/WikiStart#Security > >> > >> > >> On 01/07/2014 04:35 PM, Paul Hoffman wrote: > >>> I support the formation of this WG with basically this charter. > However, having footnote in a charter make it harder to read. Having URLs > that are not somewhat guaranteed to be available forever (such as those run > by the IETF) make the charter unstable. A proposed editorial-only cleanup: > >>> > >>> Problem statement: > >>> > >>> Many Internet protocols require a mapping between some kind of > identifier and some kind of > >>> key, for example, HTTPS, SMTPS, IPSec, DNSSEC and OpenPGP. > >>> > >>> These protocols rely on either ad-hoc mappings, or on authorities > which attest to the > >>> mappings. > >>> > >>> History shows that neither of these mechanisms is entirely > satisfactory. Ad-hoc mappings are > >>> difficult to discover and maintain, and authorities make mistakes or > are subverted. > >>> > >>> Cryptographically verifiable logs can help to ameliorate the problems > by making it possible > >>> to discover and rectify errors before they can cause harm. A > cryptographically verifiable > >>> log is an append-only log of hashes of more-or-less anything that is > structured in such a > >>> way as to provide efficiently-accessible, cryptographically-supported > evidence of correct > >>> log behaviour. For example, RFC 6962 says: "The append-only property > of each log is > >>> technically achieved using Merkle Trees, which can be used to show > that any particular > >>> version of the log is a superset of any particular previous version. > Likewise, Merkle Trees > >>> avoid the need to blindly trust logs: if a log attempts to show > different things to > >>> different people, this can be efficiently detected by comparing tree > roots and consistency > >>> proofs. Similarly, other misbehaviors of any log (e.g., issuing signed > timestamps for > >>> certificates they then don't log) can be efficiently detected and > proved to the world at > >>> large." > >>> > >>> These logs can also assist with other interesting problems, such as > how to assure end users > >>> that software they are running is, indeed, the software they intend to > run. > >>> > >>> Work items: > >>> > >>> - Publish an update to RFC 6962 as a standards-track mechanism to > apply verifiable logs to > >>> HTTP over TLS. > >>> > >>> - Discuss mechanisms and techniques that allow cryptographically > verifiable logs to be > >>> deployed to improve the security of protocols and software > distribution. Where such > >>> mechanisms appear sufficiently useful, the WG will re-charter to add > relevant new work items. > >>> > >>> _______________________________________________ > >>> therightkey mailing list > >>> therightkey@ietf.org > >>> https://www.ietf.org/mailman/listinfo/therightkey > >>> > >>> > >> _______________________________________________ > >> therightkey mailing list > >> therightkey@ietf.org > >> https://www.ietf.org/mailman/listinfo/therightkey > >> > >> > > _______________________________________________ > > therightkey mailing list > > therightkey@ietf.org > > https://www.ietf.org/mailman/listinfo/therightkey > > > > > _______________________________________________ > therightkey mailing list > therightkey@ietf.org > https://www.ietf.org/mailman/listinfo/therightkey > -- Website: http://hallambaker.com/
- [therightkey] Revised Draft Charter for Transpare… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Paul Hoffman
- Re: [therightkey] Revised Draft Charter for Trans… Tim Moses
- Re: [therightkey] Revised Draft Charter for Trans… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Tim Moses
- Re: [therightkey] Revised Draft Charter for Trans… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Tim Moses
- Re: [therightkey] Revised Draft Charter for Trans… Ben Laurie
- Re: [therightkey] Revised Draft Charter for Trans… Stephen Farrell
- Re: [therightkey] Revised Draft Charter for Trans… Stephen Farrell
- Re: [therightkey] Revised Draft Charter for Trans… Stephen Farrell
- Re: [therightkey] Revised Draft Charter for Trans… Phillip Hallam-Baker