Re: [Trans] Infrastructure for logs?

Rick Andrews <> Mon, 21 April 2014 21:22 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 17C421A02C3 for <>; Mon, 21 Apr 2014 14:22:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.274
X-Spam-Status: No, score=-5.274 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.272, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 7nzQrijDFhNo for <>; Mon, 21 Apr 2014 14:22:28 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 3E4391A02CA for <>; Mon, 21 Apr 2014 14:22:27 -0700 (PDT)
X-AuditID: d80ac3f2-b7f828e0000045d3-d9-53558c0e0e67
Received: from ( []) by (Symantec Brightmail Gateway out) with SMTP id AF.32.17875.E0C85535; Mon, 21 Apr 2014 21:22:22 +0000 (GMT)
Received: from [] (helo=TUS1XCHHUBPIN01.SYMC.SYMANTEC.COM) by with esmtp (Exim 4.76) (envelope-from <>) id 1WcLfS-0006WI-5J; Mon, 21 Apr 2014 17:22:22 -0400
Received: from TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM ([]) by TUS1XCHHUBPIN01.SYMC.SYMANTEC.COM ([]) with mapi; Mon, 21 Apr 2014 14:22:20 -0700
From: Rick Andrews <>
To: Ben Laurie <>, CABFPub <>, "" <>
Date: Mon, 21 Apr 2014 14:22:19 -0700
Thread-Topic: [Trans] Infrastructure for logs?
Thread-Index: Ac9aX5lm4UqgmlR5R7axLjB/SYgx0ADR/N3A
Message-ID: <544B0DD62A64C1448B2DA253C011414607C96F9B1F@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprBIsWRmVeSWpSXmKPExsXCZeB6SpevJzTYYN5fY4sNn6+xWUx5vobZ Yu3jiywOzB7rZp5l9liwqdRjyZKfTAHMUVw2Kak5mWWpRfp2CVwZy04eZCl4wV3R9P4iWwPj Jc4uRk4OCQETiRXNdxkhbDGJC/fWs3UxcnEICbxjlJj27y6U84pR4tG3tawQzipGifs/H7OD tLAJ6ElseXwFyObgEBFIkZj9LBskzCKgKjHn3xJWEFtYQFfi9IdPbCC2CFD5z18t7BC2kcSf ra/B4rwCURKfzj5iAhkjJBAgceCQLUiYUyBQ4tWejcwgNiPQcd9PrWECsZkFxCVuPZnPBHG0 gMSSPeeZIWxRiZeP/7FC1ItK3GlfzwhRryOxYDfECcwC2hLLFr5mhlgrKHFy5hOWCYxis5CM nYWkZRaSlllIWhYwsqxilCkpLTYszi3JLy0pSK0wMNIrrsxNBMZWsl5yfu4mRmB83eA6/GkH 48y9jocYBTgYlXh4f7aFBguxJpYBVR5ilOBgVhLhXZsGFOJNSaysSi3Kjy8qzUktPsQozcGi JM573ds6WEggPbEkNTs1tSC1CCbLxMEp1cCYp5tYsv7hFNtlZzfLeMfzX8zWlxCqbReOTwot lmZSmJ/4VKMnsdVyysmPcwO385uzc8/1OvT3TKi1pcDyzrPlks3H91YVbps18e2mJVcrv0fn bN9b83get92GY0+EOiqZrs4RkWOo7M9huZlxY+/Pbe+TE07sX/knWmO1nUj2yge+/DylPReU WIozEg21mIuKEwGSf7xHqwIAAA==
Subject: Re: [Trans] Infrastructure for logs?
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 21 Apr 2014 21:22:30 -0000

1.	Web Server - Apache on Linux; App Server - Tomcat (Web application - java based REST APIs) on Linux
2.	Oracle db
3.	Stateless load balancing so that machines can be brought up and down at will without missing any certs or corrupting the logs


-----Original Message-----
From: Trans [] On Behalf Of Ben Laurie
Sent: Thursday, April 17, 2014 10:08 AM
To: CABFPub;
Subject: [Trans] Infrastructure for logs?

My team is considering doing some work on the open source log implementation to make it less of a reference implementation and more something that you could consider running in (or adapting for) a production environment.

It would help guide our thinking of those CAs (and others) who are considering running logs would give us some hints about the kind of production environment they would like to run in. In particular:

1. Operating systems.

2. Database managers.

3. Any other constraints you might have on a production environment.

Public discussion would be useful, but if you would rather tell me privately that is also fine. Bear in mind that what we learn will probably influence open source code, though that's obviously very unlikely to reveal anything about anyone in particular.

Certificate Transparency is hiring! Let me know if you're interested.

Trans mailing list