IETF Logo Mail Archive

Re: [Trans] IETF 94 TRANS minutes Draft

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 16 November 2015 18:23 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6EC21A7032 for <trans@ietfa.amsl.com>; Mon, 16 Nov 2015 10:23:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jcl2yFlQFyPy for <trans@ietfa.amsl.com>; Mon, 16 Nov 2015 10:23:20 -0800 (PST)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 084111A006D for <trans@ietf.org>; Mon, 16 Nov 2015 10:23:20 -0800 (PST)
Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id C1273F984; Mon, 16 Nov 2015 13:22:58 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 7D81E204F9; Mon, 16 Nov 2015 13:22:30 -0500 (EST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Ben Laurie <benl@google.com>, "Salz, Rich" <rsalz@akamai.com>, "trans@ietf.org" <trans@ietf.org>
In-Reply-To: <CABrd9SS=Xwh8n7-u+6n7ProJBds6X8g8Go828JctxMMB_=Yptg@mail.gmail.com>
References: <748e68fd32664a298722cddf8ad54ea6@usma1ex-dag1mb1.msg.corp.akamai.com> <CABrd9SS=Xwh8n7-u+6n7ProJBds6X8g8Go828JctxMMB_=Yptg@mail.gmail.com>
User-Agent: Notmuch/0.20.2 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu)
Date: Mon, 16 Nov 2015 13:22:30 -0500
Message-ID: <87fv05iz2x.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/U6ZGXFrrQ0mzW2ZJui-ElLW7v1A>
Subject: Re: [Trans] IETF 94 TRANS minutes Draft
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Nov 2015 18:23:22 -0000

On Mon 2015-11-16 13:08:48 -0500, Ben Laurie wrote:
> On Mon, 2 Nov 2015 at 05:38 Salz, Rich <rsalz@akamai.com> wrote:
>> Discussion about what inclusion proof is/contains. Dkg and bryan agree
>> embedding them in cert is probably bad idea.
>
> This is not helpful: I think it is probably a good idea. Why is it a bad
> idea?

>From a privacy-perspective: with relatively long-lived certs, embedded
inclusion proofs are going to contain "stale" STHs.  As a result, it
makes the verification of these STHs (via consistency proofs)
potentially privacy-sensitive, since they could be tied to a specific
origin.

in the current Gossip approach, we manage to make STHs
non-privacy-sensitive specifically because clients keep them "fresh" and
are therefore all gossiping about the same current set of STHs.

Does this make sense?  I'd love to hear a counterargument, as i'm
generally more in favor of inclusion proofs than of SCTs.  Including an
up-to-date inclusion-proof *alongside* a cert seems fine to me, as would
including a "fresh" inclusion proof in a short-lived cert.

But my understanding of the lifetime of certs and the narrow window of
freshness we'd like to keep for STH gossip don't line up.

If a cert includes an older inclusion proof to STH k, and that's always
bundled with a consistency proof from k to the current "fresh" STH n, i
don't think that'd be a bad thing.

    --dkg

v2.23.0 | Report a Bug | By Email