Re: [Trans] [ct-policy] Re: Certificate Transparency Mirrors (experimental)
Pierre Phaneuf <pphaneuf@google.com> Fri, 04 November 2016 14:28 UTC
On Fri, Nov 4, 2016 at 1:42 PM, Florian M. <florian.maury@gmail.com> wrote:
> if, for whatever reason, a get-entries response is corrupted, the root hash
> will be incorrect. If the user has no access to intermediate STH, there is
> no way to narrow down and track the corrupted get-entries result. The user
> can only start over.

That's not entirely true, there's a strategy you can use to find where the corruption occurred.

If the root hash of the whole Merkle tree doesn't compute correctly, you can do a binary search for the corrupted entry, by using the MerkleTree::RootAtSnapshot method in the C++ implementation (for example) to compute the root hash of your tree at half the size, and do a get-sth-consistency between that tree size and the full one. If the proof applies correctly, then you know the entries below are good, and you can repeat the operation, until you isolate the tree size that stops validating with the consistency proof.

You could then drop all the entries from there on and resume from there (simpler), or maybe just re-fetch a chunk and recompute the Merkle tree (hoping the corruption was localised).

You can also spot check single entries using inclusion proofs.
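The binary search described in the message above, as an added Python example that is not part of the original message and is not the C++ implementation's code. It assumes RFC 6962 hashing and the consistency-verification algorithm from RFC 9162; `log_proof` simulates the log's get-sth-consistency answer in-process, and all function names and the sample entries are constructed for illustration.

```python
import hashlib

def node(left, right):  # RFC 6962 interior node hash
    return hashlib.sha256(b"\x01" + left + right).digest()

def mth(d):  # RFC 6962 Merkle Tree Hash over leaf inputs d (root at snapshot len(d))
    if len(d) <= 1:
        return hashlib.sha256(b"\x00" + d[0] if d else b"").digest()
    k = 1 << ((len(d) - 1).bit_length() - 1)  # largest power of two < len(d)
    return node(mth(d[:k]), mth(d[k:]))

def log_proof(m, d, whole=True):  # log side: consistency proof from size m to len(d)
    if m == len(d):
        return [] if whole else [mth(d)]
    k = 1 << ((len(d) - 1).bit_length() - 1)
    if m <= k:
        return log_proof(m, d[:k], whole) + [mth(d[k:])]
    return log_proof(m - k, d[k:], False) + [mth(d[:k])]

def consistent(m, n, root_m, root_n, path):  # client side check, requires 0 < m < n
    path = ([root_m] if m & (m - 1) == 0 else []) + path  # power-of-two m: seed with root_m
    if not path:
        return False
    fn, sn = m - 1, n - 1
    while fn & 1:
        fn, sn = fn >> 1, sn >> 1
    fr = sr = path[0]
    for c in path[1:]:
        if sn == 0:
            return False
        if fn & 1 or fn == sn:
            fr, sr = node(c, fr), node(c, sr)
            while fn and not fn & 1:
                fn, sn = fn >> 1, sn >> 1
        else:
            sr = node(sr, c)
        fn, sn = fn >> 1, sn >> 1
    return fr == root_m and sr == root_n and sn == 0

def first_bad_size(local, sth_root, get_consistency):
    # Precondition: mth(local) != sth_root, so size len(local) is already known bad.
    n, lo, hi = len(local), 0, len(local)  # size lo verifies, size hi does not
    while hi - lo > 1:
        mid = (lo + hi) // 2
        ok = consistent(mid, n, mth(local[:mid]), sth_root, get_consistency(mid, n))
        lo, hi = (mid, hi) if ok else (lo, mid)
    return hi  # local[hi - 1] is the first entry that does not match the log

LOG = [b"entry-%d" % i for i in range(13)]  # constructed entries held by the log
MIRROR = LOG[:9] + [b"garbled"] + LOG[10:]  # constructed download with entry 9 corrupted
FOUND = first_bad_size(MIRROR, mth(LOG), lambda m, n: log_proof(m, LOG[:n]))
```

Each probe costs one consistency proof, so locating the first bad entry in a tree of size n takes about log2(n) requests; everything below `FOUND - 1` can be kept and the rest re-fetched.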