Re: [Trans] Threat model outline, attack model
Matt Palmer <mpalmer@hezmatt.org> Sun, 28 September 2014 22:35 UTC
Return-Path: <mpalmer@hezmatt.org>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18AD41A6EF1 for <trans@ietfa.amsl.com>; Sun, 28 Sep 2014 15:35:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.321
X-Spam-Level: **
X-Spam-Status: No, score=2.321 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_MISMATCH_ORG=0.611, HOST_MISMATCH_NET=0.311, J_CHICKENPOX_14=0.6, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q3c0iSSmUGQA for <trans@ietfa.amsl.com>; Sun, 28 Sep 2014 15:35:32 -0700 (PDT)
Received: from mail.hezmatt.org (mpalmer-1-pt.tunnel.tserv8.dal1.ipv6.he.net [IPv6:2001:470:1f0e:9e6::2]) by ietfa.amsl.com (Postfix) with ESMTP id 398BE1A1BD6 for <trans@ietf.org>; Sun, 28 Sep 2014 15:35:31 -0700 (PDT)
Received: from mistress.home.hezmatt.org (unknown [10.6.66.6]) by mail.hezmatt.org (Postfix) with ESMTP id 654A0282E0B for <trans@ietf.org>; Mon, 29 Sep 2014 08:35:30 +1000 (EST)
Received: by mistress.home.hezmatt.org (Postfix, from userid 1000) id 747F19FF90; Mon, 29 Sep 2014 08:35:29 +1000 (EST)
Date: Mon, 29 Sep 2014 08:35:29 +1000
From: Matt Palmer <mpalmer@hezmatt.org>
To: trans@ietf.org
Message-ID: <20140928223529.GB28050@hezmatt.org>
References: <54242F8A.2080602@bbn.com> <CABrd9SSwAdv-mAgofNT6bMWky7q=bZhAaX=L4gZUQDkROQ-3ZA@mail.gmail.com> <54258AF0.7090602@bbn.com> <4842B04F-A058-4F3C-9DA3-F29735EC7570@taoeffect.com> <alpine.LFD.2.10.1409262236210.27616@bofh.nohats.ca> <FC4A18E2-A42C-472F-B9FE-2278BB5A0BBA@taoeffect.com> <CABrd9SQBuQO1wrv7s06aT-GGyeWmu2sFzJrH6a+t81aq-dei+w@mail.gmail.com> <77D4B290-D2C8-44D7-AF84-A0A1B91B9557@taoeffect.com> <20140927211940.GP28050@hezmatt.org> <CF7C1E45-159E-41AF-A1A8-C8CC8D28088C@kinostudios.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CF7C1E45-159E-41AF-A1A8-C8CC8D28088C@kinostudios.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/6CDAInv-DJEE4LB757ZucOIg4KQ
Subject: Re: [Trans] Threat model outline, attack model
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Sep 2014 22:35:34 -0000
On Sat, Sep 27, 2014 at 02:40:59PM -0700, Greg wrote: > On Sep 27, 2014, at 2:19 PM, Matt Palmer <mpalmer@hezmatt.org> wrote: > > > On Sat, Sep 27, 2014 at 09:58:56AM -0700, Tao Effect wrote: > >> "No barrier"? Subjects (domain owners) would need to monitor *all* the logs out there. > >> > >> There will be like 1000+ logs out there. > > > > "Citation needed", as the Wikipedeans say. I'm not sure how you could > > possibly come to that conclusion. > > I am citing your own documentation: I had nothing to do with the content on that webpage. Not everyone interested in CT works for Google, y'know. > "we think “every major CA” is within limits of feasibility" > > http://www.certificate-transparency.org/faq > And using Jacob's numbers from here: > > http://www.ietf.org/mail-archive/web/therightkey/current/msg00745.html The word "major" does not appear anywhere in the content of that resource. Thus, you're comparing apples with oranges -- the Google CT FAQ suggests that "every major CA" may run a log, while your resource says there may be between "more than 1200" and 1832 CA certificates (total, comprising both roots and intermediates) in active existence, but with no indication of how many of those may be considered "major". - Matt -- The New York Times: the paper that asks for more verification from its readers than its writers.
- [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Katriel Cohn-Gordon
- [Trans] Fwd: Threat model outline, attack model Melinda Shore
- Re: [Trans] Threat model outline, attack model Ben Laurie
- Re: [Trans] Threat model outline, attack model Dmitry Belyavsky
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Dmitry Belyavsky
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Dmitry Belyavsky
- Re: [Trans] Threat model outline, attack model Ben Laurie
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Ben Laurie
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Ben Laurie
- Re: [Trans] Threat model outline, attack model Tao Effect
- Re: [Trans] Threat model outline, attack model Paul Wouters
- Re: [Trans] Threat model outline, attack model Tao Effect
- Re: [Trans] Threat model outline, attack model Ben Laurie
- Re: [Trans] Threat model outline, attack model Tao Effect
- Re: [Trans] Threat model outline, attack model Matt Palmer
- Re: [Trans] Threat model outline, attack model Tao Effect
- Re: [Trans] Threat model outline, attack model Ralph Holz
- Re: [Trans] Threat model outline, attack model Ben Laurie
- Re: [Trans] Threat model outline, attack model Tao Effect
- Re: [Trans] Threat model outline, attack model Tao Effect
- Re: [Trans] Threat model outline, attack model Matt Palmer
- Re: [Trans] Threat model outline, attack model Greg
- Re: [Trans] Threat model outline, attack model Gervase Markham
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model Ralph Holz
- Re: [Trans] Threat model outline, attack model Ben Laurie
- Re: [Trans] Threat model outline, attack model Stephen Kent
- Re: [Trans] Threat model outline, attack model David Leon Gil
- Re: [Trans] Threat model outline, attack model Tao Effect
- Re: [Trans] Threat model outline, attack model Stephen Kent