Re: [Trans] Future work
Andrew Ayer <agwa@andrewayer.name> Wed, 16 August 2017 20:09 UTC
Return-Path: <agwa@andrewayer.name>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 732AE132630 for <trans@ietfa.amsl.com>; Wed, 16 Aug 2017 13:09:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewayer.name
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qfYqXAAZaFet for <trans@ietfa.amsl.com>; Wed, 16 Aug 2017 13:09:23 -0700 (PDT)
Received: from alcazar.beanwood.com (alcazar.beanwood.com [IPv6:2600:3c00:e000:6c::1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1E6EE132027 for <trans@ietf.org>; Wed, 16 Aug 2017 13:09:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=andrewayer.name; s=beanwood20160511; t=1502914162; bh=tZJEbdIL6mqRnekKFXLcuxohw4pmyMciMsTZsC4kwgc=; h=Date:From:To:Cc:Subject:In-Reply-To:References; b=kXymlHNRJXjPCvQtfb6u7YJzbyLjBY42Ql+QfJUpNqOzrnMBV8vUbn7tXxnY9a7Uz jDeKEJTaie3+T5ziCyWTIX0TqIuLoowhrHuUu4yDOoTzgE2pxBt64wjL5GUTlEEw5V yf6E+NgRqS/klVxkoUrnDKwSBnIWD6zRrWmX2kZ1HUZ/hALrIjrHz0j8UuS+M1X3Cl fNz/WQ9VLOzmxWqtg+Ndjdy3SDJxkOFC5ivZYHaRtJCcDaRKZGK4FY38bcxMZsZW/q VeDQVrWqhxjQMy0v4hBvICj/dCsB03jVp2HuWG13VQ869XNHXDlaUTOivolx8+yqH+ dHL07opxvu1Tw==
Date: Wed, 16 Aug 2017 13:09:21 -0700
From: Andrew Ayer <agwa@andrewayer.name>
To: Melinda Shore <melinda.shore@gmail.com>
Cc: "trans@ietf.org" <trans@ietf.org>
Message-Id: <20170816130921.01d50cfec40efb33ab4f0618@andrewayer.name>
In-Reply-To: <2a482e03-7ac9-d5e3-9d69-7694daf1265b@gmail.com>
References: <2a482e03-7ac9-d5e3-9d69-7694daf1265b@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/FUWu3uEFXjn5DGGmsEUTvKfonCU>
Subject: Re: [Trans] Future work
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Aug 2017 20:09:24 -0000
On Wed, 16 Aug 2017 11:25:20 -0800 Melinda Shore <melinda.shore@gmail.com> wrote: > Hi, all: > > With our major deliverable now pushed out towards IETF > last call, it's time to start considering whether or not > there's additional work to do, or if we're done. As > we've talked about before, we know that there's at least > some interest in: > > . a client behavior document > . logging DNSSEC records > . logging binaries I've also seen interest expressed on the mailing list for: * A monitor API * A strict version of CT > Plus, I'm somewhat concerned about lack of gossip implementation > and deployment, and it's worth considering whether that's because > of lack of interest or because people running logs don't think > that what's in the gossip spec is suitable for their needs. Note that logs don't participate in gossip, so your question is one for TLS clients and monitors/auditors. The biggest problem is that the gossip spec only works with CTv2, and there are no CTv2 logs in existence, let alone implementations. Nevertheless, there's a fairly obvious and minor modification to make STH pollination work with CTv1, and I know of 7 different monitor/auditor implementations which are using this variation of the spec to exchange STHs from publicly-trusted CTv1 logs. That said, I know of no implementations of SCT feedback, nor of any plans by TLS clients to implement any part of gossip. Regards, Andrew
- [Trans] Future work Melinda Shore
- Re: [Trans] Future work Andrew Ayer
- Re: [Trans] Future work Tom Ritter
- Re: [Trans] Future work Ben Laurie
- Re: [Trans] Future work Al Cutter
- Re: [Trans] Future work Rob Stradling
- Re: [Trans] Future work Ben Laurie
- Re: [Trans] Future work Melinda Shore