IETF Logo Mail Archive

Re: [therightkey] Draft charter for a Transparency Working Group

Ben Laurie <benl@google.com> Wed, 11 December 2013 18:29 UTC

Return-Path: <benl@google.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 330E41AE069 for <therightkey@ietfa.amsl.com>; Wed, 11 Dec 2013 10:29:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.38
X-Spam-Level:
X-Spam-Status: No, score=-1.38 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D00DlUYOpiOn for <therightkey@ietfa.amsl.com>; Wed, 11 Dec 2013 10:29:15 -0800 (PST)
Received: from mail-ve0-x231.google.com (mail-ve0-x231.google.com [IPv6:2607:f8b0:400c:c01::231]) by ietfa.amsl.com (Postfix) with ESMTP id 658C11AE066 for <therightkey@ietf.org>; Wed, 11 Dec 2013 10:29:15 -0800 (PST)
Received: by mail-ve0-f177.google.com with SMTP id db12so6182527veb.22 for <therightkey@ietf.org>; Wed, 11 Dec 2013 10:29:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=TN/54zqF9+0yzYUEUxikMjLQTvncwJvzHmsmZXN08wY=; b=mtIpfMQg5dE44Cnrj/d0+7KCKUbjD4v4Jlqwr0IXrkcXSqJBBbAvWwvg2n2z1OzdwL w97FtUnyWDJlLoXRw6Igx81YPrzQNKXoDdVhfvSIRGAfuGNxTFGAF3Ig0qIKTRDZvYfl GjCPO1AZAlSvYEplt79vugaqQTIvpCj44pzHjff6ZF3qxRdyH52qX0ZWYoxYj/FLmm3H 0zSpsNzVUTojzbyzAp840NTfBQCVpYx9ll4EDvUwg3sd7uownOYtusGPF1mr6tFoKfh2 vPAs7izq0xD4fC2r36p0w7B8DuDczV5OE5vNwI6hDvyL+klTlM5dCM517uSLiXOkRzMb VWIg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=TN/54zqF9+0yzYUEUxikMjLQTvncwJvzHmsmZXN08wY=; b=ZjORwpP+m4CI5HNdr8C/ppfNVKvP6I7Y4tAe6WHYDO2ag5s3dIvwno4lYNGyJn34nL SkTpod8Q/s4pg1DY0Zc5ZM5aW9SLOBhC9NfTsS2MEzqsmy3GE4HgMCNKuALQhgL9DpM6 dz6Nh4PnX6uChXxeel79MTPm1momk2InEleY07zZ71dXIXsv7JdsGzR1gKv918sZDXpD xD+Bl9R8CCewNKrdQpsmm1V+lQt9/9ovuSpIfstZWGzgrNpjUVGFDG+Qf9mRyvgXvVy7 JPx3JorzGsJUy8wbtvJsI6TcroPoidNweyzJeeuImRlfbHRKpVonKXDBCGobCpbesn0m lSPw==
X-Gm-Message-State: ALoCoQmtd1S32tYEK8aE9sIu/LqPCp22lU1JvOQ2zKAu7IH2JdqMkOk8zAVtFmV75MNr2MWbuPrpypG1SQovm3HunEpeOhRT/T1tIAs6yCs3biF5YcfgAzjo8aYYroWYIrFwLApB71tqswDx/dYvNqiBqhzqezq1PQK16VH+rIB+n+wgOTcPZwTKqTXGuZhPZVtAw8WQn6YT
MIME-Version: 1.0
X-Received: by 10.220.145.75 with SMTP id c11mr1181524vcv.30.1386786549495; Wed, 11 Dec 2013 10:29:09 -0800 (PST)
Received: by 10.52.183.65 with HTTP; Wed, 11 Dec 2013 10:29:09 -0800 (PST)
In-Reply-To: <10229F86C86EB444898E629583FD4171EDEAB12A@PACDCEXMB06.cable.comcast.com>
References: <52A89F9F.70604@cs.tcd.ie> <10229F86C86EB444898E629583FD4171EDEAB12A@PACDCEXMB06.cable.comcast.com>
Date: Wed, 11 Dec 2013 18:29:09 +0000
Message-ID: <CABrd9SRhqCfH8GNu7Z-+_6ZSkRSyj7v+=qM+orYZLmJpsqq5OQ@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: "Livingood, Jason" <Jason_Livingood@cable.comcast.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "therightkey@ietf.org" <therightkey@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [therightkey] Draft charter for a Transparency Working Group
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Dec 2013 18:29:17 -0000

On 11 December 2013 17:44, Livingood, Jason
<Jason_Livingood@cable.comcast.com> wrote:
> I totally understand the problem statement. But what concrete things can
> you enumerate as goals/output of the WG?

I already did enumerate the one current output: RFC 6962-bis.

Other interesting targets include DNSSEC transparency, email-to-key
mappings and binary transparency. All implicitly already in the
charter.

>
>
> Jason
>
> On 12/11/13, 12:23 PM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:
>
>>
>>Thanks Ben,
>>
>>So folks know what we're thinking and in case all the
>>process gibberish isn't clear to you all...
>>
>>Sean and I like the idea of doing this, and the more that
>>it seems to get broader support, the more we'll like it.
>>
>>Since there was already a BoF on this back at IETF-85 [1]
>>that concluded this was work that's relevant to do in
>>the IETF, we're thinking that if a crisp enough charter
>>can be crafted on this list then this wouldn't need another
>>BoF but would be ok to just be pushed into the IESG/IETF
>>approval process.
>>
>>What that means is that when Sean and I think we have a
>>good enough charter draft, then we'll put that into the
>>datatracker and the IESG will do an IESG-internal review
>>to decide if its ready to be sent out for IETF review.
>>If/when the IESG are ok with that going for IETF-wide
>>review then a mail will go to the IETF discuss list so's
>>anyone can comment on the proposed new WG. Then the IESG
>>get to look at it again, and any comments we've gotten,
>>and approve the new WG or not. Charter text tweaks can
>>be expected at each stage.
>>
>>All going well, that could result in a new WG for this
>>being formed early in the new year, before IETF-89
>>with the WG having a first f2f meeting there presumably.
>>
>>So please comment on Ben's text and the above with that
>>in mind. I assume Ben will hold the pen on draft charter
>>text and update that as comments are received.
>>
>>And please use this list for now, since this is the
>>one we used for RFC 6962 so probably has the right
>>people. When/if we form a WG we can make a new list
>>or use this one if folks prefer that.
>>
>>Thanks,
>>S.
>>
>>[1] http://www.ietf.org/proceedings/85/certrans.html
>>
>>On 12/11/2013 04:55 PM, Ben Laurie wrote:
>>> Who's in?
>>>
>>> "Problem statement: many Internet protocols require a mapping between
>>> some kind of identifier and some kind of key, for example, HTTPS,
>>> SMTPS, IPSec, DNSSEC and OpenPGP.
>>>
>>> These protocols rely on either ad-hoc mappings, or on authorities
>>> which attest to the mappings.
>>>
>>>
>>> History shows that neither of these mechanisms is entirely
>>> satisfactory. Ad-hoc mappings are difficult to discover and maintain,
>>> and authorities make mistakes or are subverted.
>>>
>>>
>>> Cryptographically verifiable logs can help to ameliorate the problems
>>> by making it possible to discover and rectify errors before they can
>>> cause harm.
>>>
>>>
>>> These logs can also assist with other interesting problems, such as
>>> how to assure end users that software they are running is, indeed, the
>>> software they intend to run.
>>>
>>>
>>> Work items: Specify a standards-track mechanism to apply verifiable
>>> logs to HTTP/TLS (i.e. RFC 6962-bis).
>>>
>>>
>>> Discuss mechanisms and techniques that allow cryptographically
>>> verifiable logs to be deployed to improve the security of protocols
>>> and software distribution. Where such mechanisms appear sufficiently
>>> useful, the WG will re-charter to add relevant new work items."
>>> _______________________________________________
>>> therightkey mailing list
>>> therightkey@ietf.org
>>> https://www.ietf.org/mailman/listinfo/therightkey
>>>
>>>
>>_______________________________________________
>>therightkey mailing list
>>therightkey@ietf.org
>>https://www.ietf.org/mailman/listinfo/therightkey
>

v2.23.0 | Report a Bug | By Email