IETF Logo Mail Archive

Re: [Trans] How to redact an entry

Ben Laurie <benl@google.com> Wed, 16 November 2016 11:23 UTC

Return-Path: <benl@google.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B94D1129421 for <trans@ietfa.amsl.com>; Wed, 16 Nov 2016 03:23:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.498
X-Spam-Level:
X-Spam-Status: No, score=-3.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9VUUKpxCMBhf for <trans@ietfa.amsl.com>; Wed, 16 Nov 2016 03:23:07 -0800 (PST)
Received: from mail-ua0-x231.google.com (mail-ua0-x231.google.com [IPv6:2607:f8b0:400c:c08::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0CB271297C4 for <trans@ietf.org>; Wed, 16 Nov 2016 03:22:50 -0800 (PST)
Received: by mail-ua0-x231.google.com with SMTP id 12so111445361uas.2 for <trans@ietf.org>; Wed, 16 Nov 2016 03:22:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=iaToy1fVkUePNqQmQJvIF4s+eQLYGk8PbiuPzOGpCE4=; b=kv3BcTEYfNb24FOLE2BlF+12WkZHf+eON6eewhCSfdJlOnq0orebBhNACxWC7btrvU tC4OugeP+JlraUOxxB6EvQ84gQW2hAjmkxxhd71pnqbjxtmkCF6DHPQMcK7+0jmw32Vf P0NI243Z/OXIUpklgWyK5kM9sEvvrCVrkok8diF5Fh30I6MqqQaSAIvperMMpvpboc8n u6xstksaAMRuA7b1ZIwWyaQ9H1bKK1vbTPEooFdoozJZ49l565eYZCbY0qcnew+WwRaR RgMdS/JYduq5OPO5V/mUbZXnB3nF8xRQwbDssX/HX8y51mVG0DP2ATEhiu5i1Kw1qwtq 6okQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=iaToy1fVkUePNqQmQJvIF4s+eQLYGk8PbiuPzOGpCE4=; b=QwV71WOwe0NwFkmbF8RY04F4LBhoNlfDT8KJzewUJCYIL4YSMbcdJzvSzVHlV9oLGn YpSSMtxFv9d8Yu/poOe2J6vF6o7TCmdxat0jYABiB5u54ZMoKiTNWfdVFPCS8DTKiRQ5 K1QfLD7GcoCjDW+Lyhp2BtfyNnpeM3+BIlX0sl0VOaNFMzvRp6BgEWLKDFfVIQ0pxSyf 2IAlElj15SSqEJNnkjs4TpvC6eymNfaj3288A8Hfw+HRa09pNEm11CzJD2tISsvMLlIy oiEDSQcIVWQ97Eq5VpwB+EZmHjptcbBbNLqoCcE1reers4+3ZbCkigOrHqER+Dbaihi4 f0fA==
X-Gm-Message-State: ABUngvcpcD/hfgkMoO8VgP5GograOhntmN+r+k+iq0AicZhZgZDNY1XGsQSbm16T76o4Yt6TeClzqKciWR4WP3ge
X-Received: by 10.176.83.211 with SMTP id l19mr1020949uaa.69.1479295368874; Wed, 16 Nov 2016 03:22:48 -0800 (PST)
MIME-Version: 1.0
Received: by 10.31.162.67 with HTTP; Wed, 16 Nov 2016 03:22:48 -0800 (PST)
In-Reply-To: <CABrd9STPBWt=p-eAW5t=QSw2oexuSeW5tbtcbczagA0jx77gQA@mail.gmail.com>
References: <CABrd9SSeePrsNq8ERjxpbEvUAdyb=yQOGAom0qh9SZMoP=nsMw@mail.gmail.com> <CAMm+LwiZUw+JpEanY5vkxGBOtdrs9HfYzp34cBtwDv34uJCjKw@mail.gmail.com> <4E665C5B-BC28-428E-9BFB-626D3364E05B@nohats.ca> <CABrd9STPBWt=p-eAW5t=QSw2oexuSeW5tbtcbczagA0jx77gQA@mail.gmail.com>
From: Ben Laurie <benl@google.com>
Date: Wed, 16 Nov 2016 11:22:48 +0000
Message-ID: <CABrd9SRgjgtH4B4WcUn-oL5E12wipvJ7erYkZVFFvOPF7zYQDg@mail.gmail.com>
To: Paul Wouters <paul@nohats.ca>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/URVfAU6fiQqlRpngxRien3taMdY>
Cc: Phillip Hallam-Baker <ietf@hallambaker.com>, "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] How to redact an entry
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Nov 2016 11:23:14 -0000

On 16 November 2016 at 11:16, Ben Laurie <benl@google.com> wrote:
> On 16 November 2016 at 03:46, Paul Wouters <paul@nohats.ca> wrote:
>> How can I as log consumer detect the difference between the log removing
>> illegal content and the log being compelled by a government to hide a rogue
>> certificate?
>
> Court orders are court orders. That issue is not in the log's domain.

BTW, anyone who sees the actual cert would presumably verify it, find
the entry is redacted, and publish the cert (or decide they were also
bound by the order cited in the redaction reason and not publish it
:-).

We could say, for example, that a cert whose entry has been redacted
MUST NOT be used further.

>
>>
>> Sent from my iPhone
>>
>> On Nov 16, 2016, at 10:01, Phillip Hallam-Baker <ietf@hallambaker.com>
>> wrote:
>>
>>
>>
>> On Tue, Nov 15, 2016 at 2:49 PM, Ben Laurie <benl@google.com> wrote:
>>>
>>> Eran asked me to briefly describe how redaction in a transparency log
>>> would work.
>>>
>>> First, we introduce a new leaf type, "Redacted". The content of this
>>> leaf is simply the hash of the original leaf, the entry number of the
>>> redaction reason entry (see below) and a signature over the content by
>>> the log key.
>>>
>>> Rather than hashing this entry, verifiers simply use the enclosed hash
>>> to calculate the tree hash.
>>>
>>> Secondly, we introduce a second new leaf type, "Redaction reason".
>>> This leaf contains two things: the entry number of the redacted entry
>>> and a textual explanation of why it was redacted (possibly we need to
>>> get a little more elaborate here, but perhaps the simplest thing to do
>>> is to allow it to include URLs to point to any supporting material).
>>> This leaf type would be hashed in the usual way.
>>>
>>> Observers of the log can verify that every redacted entry has a
>>> corresponding redaction reason entry, and if not, can produce proof it
>>> does not (this is why the redacted entry has to be signed directly).
>>>
>>> Note that the redacted entry could not include the entry number of the
>>> redaction reason, if preferred, though that would force an observer of
>>> that entry to download the whole log to verify the reason and also
>>> would make proof of non-compliance bulky. :-)
>>
>>
>> I decided I had to do something of this sort in the Mesh notary log. It is
>> probably a good idea to do it as a matter of course.
>>
>> Lets consider the general case for a moment, what happens if someone puts
>> some child pornography into the log. Obviously you can't publish it or you
>> go to jail. So you have to take it out which breaks the log.
>>
>> So either you have to devise a scheme that you are certain cannot be used to
>> publish abusive material or you have to have a way to suppress it either. I
>> think the second approach is better.
>>
>>
>> Of course putting bad stuff in a Trans log would be a lot more effort than
>> putting it into the blockchain or the like. But don't think it is
>> impossible. I have a few attacks that are worrying enough not to want to
>> share in public. The sort of thing that has Special Branch making house
>> calls.
>>
>> So I would hash the received data values before enrolling the hash in the
>> notary log as a matter of course.
>>
>> _______________________________________________
>> Trans mailing list
>> Trans@ietf.org
>> https://www.ietf.org/mailman/listinfo/trans

v2.34.0 | Report a Bug | By Email | System Status