Re: [Trans] Long Poll

"Devon O'Brien" <devon.obrien@gmail.com> Fri, 22 March 2019 19:38 UTC

To: Rasmus Dahlberg <rasmus.dahlberg@kau.se>
Cc: Evgeny <xramtsov@gmail.com>, eranm@google.com, trans@ietf.org

The capability to incorporate certificate logging requests, and therefore
mint substantially more frequent STHs, is an artifact of the new codebase
that these CT Logs are running on. The migration was performed in November
[1] as you have observed, and was undertaken to increase reliability and
availability of these CT Logs. Frequent STHs are compliant with both RFC
6962 and the relevant CT-enforcing user agent policies, but if this
behavior is actively harmful, discussion on ct-policy@chromium.org is
probably the most reliable venue for discussing changes that are outside
the scope of RFC 6962, as this will be visible to Log Operators, CAs, and
Browsers/UAs.

[1]
https://groups.google.com/a/chromium.org/d/msg/ct-policy/-AGqeW5r7ck/4M6BB9CEAQAJ

On Fri, Mar 22, 2019 at 9:48 AM Rasmus Dahlberg <rasmus.dahlberg@kau.se>
wrote:

> Hi,
>
> You could fetch the latest STH periodically based on how often a log can
> produce it: see MMD and STH frequency in Section 4.1.  For example, checking
> once per hour makes sense if a log's MMD is 24 hours and its STH frequency
> is 24. If you are looking to fetch STHs today, i.e., from a log that is not
> CT/bis compliant, you could learn how often STHs are normally produced by
> some initial polling tests. Another option is to simply pick an interval
> that suits your needs, preferably without being too aggressive based on how
> often STHs are produced.
>
> On the topic of STH frequency, has anyone else noticed that Google's
> Icarus, Pilot, Rocketeer and Skydiver logs switched from one hour STH
> interarrival times to nearly instant updates somewhere around November
> 2018?  Try fetching one hundred STHs back-to-back: most tree sizes will be
> unique.
>
> If anyone knows what motivated this change I would happily be pointed in
> the right direction. As many of you know, such high STH frequencies can
> cause a lot of friction while experimenting and deploying various forms of
> gossip/auditing.
>
> /R
>
> On Thu, Mar 21, 2019 at 10:14:58PM +0300, Evgeny wrote:
> > On Thu, Mar 21, 2019 at 7:41 PM, Evgeny <xramtsov@gmail.com> wrote:
> > > Like while(0) {... sleep(1)}?
> >
> > Oops, it should have been while(1) of course :)
> >
> > _______________________________________________
> > Trans mailing list
> > Trans@ietf.org
> > https://www.ietf.org/mailman/listinfo/trans
>
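
The two ways of choosing an STH polling interval discussed in this thread, as an added example that is not part of any message above: dividing the MMD by the STH frequency when the log states both, and estimating the gap from initial polling when it does not. The response field names follow the RFC 6962 get-sth reply; the function names, the 60-second floor and all sample responses are assumptions constructed for illustration.

```python
import json
from statistics import median

def interval_from_parameters(mmd_seconds, sth_frequency_count):
    """Seconds between polls when the log states its MMD and STH frequency."""
    if mmd_seconds <= 0 or sth_frequency_count <= 0:
        raise ValueError("MMD and STH frequency must be positive")
    return mmd_seconds / sth_frequency_count

def distinct_sth_timestamps(bodies):
    """Parse get-sth JSON bodies; return sorted timestamps (ms) of distinct STHs."""
    seen = set()
    for body in bodies:
        sth = json.loads(body)
        seen.add((sth["timestamp"], sth["tree_size"], sth["sha256_root_hash"]))
    return sorted(ts for ts, _, _ in seen)

def interval_from_observations(bodies, floor_seconds=60.0):
    """Median gap between distinct STHs, never below floor_seconds (assumed floor)."""
    stamps = distinct_sth_timestamps(bodies)
    if len(stamps) < 3:
        raise ValueError("need at least three distinct STHs to estimate a gap")
    gaps = [(b - a) / 1000.0 for a, b in zip(stamps, stamps[1:])]
    # A log that mints STHs almost instantly would otherwise drive the
    # poller to hammer it; the floor keeps the client from being too aggressive.
    return max(median(gaps), floor_seconds)

def _sample(ts_ms, size):
    # Constructed response body; hash and signature are placeholders.
    return json.dumps({"tree_size": size, "timestamp": ts_ms,
                       "sha256_root_hash": f"constructed-{size}",
                       "tree_head_signature": "constructed"})

BASE = 1553270400000  # constructed start time, ms since epoch
# Constructed: a log minting one STH per hour, each STH seen by three polls.
HOURLY = [_sample(BASE + h * 3_600_000, 1000 + 50 * h)
          for h in range(5) for _ in range(3)]
# Constructed: near-instant STHs, every response carries a new tree size.
FAST = [_sample(BASE + off, 2000 + i)
        for i, off in enumerate([0, 1200, 2100, 3500, 4400, 5900])]

if __name__ == "__main__":
    print(interval_from_parameters(24 * 3600, 24))
    print(interval_from_observations(HOURLY))
    print(interval_from_observations(FAST))
```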