Re: [Trans] Certificate Transparency Mirrors (experimental)
"Florian M." <florian.maury@gmail.com> Fri, 04 November 2016 13:42 UTC
Date: Fri, 04 Nov 2016 06:42:04 -0700
From: "Florian M." <florian.maury@gmail.com>
To: Certificate Transparency Policy <ct-policy@chromium.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/XcEsjC19PTx8A6yoGt-tK74M1t4>
Cc: trans@ietf.org, certificate-transparency@googlegroups.com
Subject: Re: [Trans] Certificate Transparency Mirrors (experimental)
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>

Hi list,

I recently developed a small tool to create offline mirrors of some of the logs. I wrote it when I realized that bootstrapping a monitor to try and validate a whole log from scratch can be difficult. The difficulties come from:

- a slow download procedure (some log get-entries calls can be relatively slow (seconds and sometimes tens of seconds per query));
- if, for whatever reason, a get-entries response is corrupted, the root hash will be incorrect. If the user has no access to intermediate STH, there is no way to narrow down and track the corrupted get-entries result. The user can only start over.

I also think that Chrom(e|ium) does not currently fully implement the auditor role.

On Fri, Oct 28, 2016 at 1:16 AM, Ryan Sleevi wrote:
> Although CT is designed to prevent the damage any one of these
> organizations can do, it relies on a fully functioning ecosystem of
> gossip and accountability. I've repeatedly made clear that we're
> committed to moving towards that system, but I don't think it would be
> wise to create a false sense of urgency and suggest it be relaxed. I
> say this because relaxing, prior to that robustness, would
> particularly benefit organizations who may not be able to ensure their
> employees follow proper procedures, or which may not keep up to date
> with changes in the log policy, as that could allow for misissuance to
> happen without detection, or through coercion.
>
> Again, we're very much committed to the long term and exploring ways
> to relax the policy, but at present, Chrome feels that while it's
> reasonable to (for the short-term), trust Google to be honest, it's
> not reasonable to trust all logs to do so. Which is why the policy
> exists :)

As such, I think that Google's initiative to set up mirrors is a valid temporary approach, which helps mitigate split view attacks.

My tool assists the creation of offline mirrors, by:

- downloading the log entries;
- building partial tree hashes;
- generating BitTorrent metainfo files to allow these mirrors to be downloaded quickly;
- providing ways to verify partial downloads.

You may find some documentation and the torrents I generated at the following website:
https://www.x-cli.eu/ct

New torrents will be published every week or so, with the latest entries.

The source code of my tool is available at:
https://github.com/X-Cli/ATBTCT

Cheers,
Florian
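
The failure mode described in the message above (a corrupted get-entries response that only surfaces as a wrong root hash) can be narrowed to one sub-range when hashes of aligned sub-ranges are available. The sketch below is an added illustration, not code from ATBTCT or from the message: it uses the RFC 6962 Merkle Tree Hash, and the power-of-two chunk size, the function names and the sample entries are assumptions made for this example.

```python
import hashlib

CHUNK = 4  # assumed chunk size; a power of two so each chunk is a subtree of the log


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _split(n: int) -> int:
    """Largest power of two strictly less than n (RFC 6962 split rule), n >= 2."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k

def mth(entries: list) -> bytes:
    """RFC 6962 Merkle Tree Hash over raw leaf inputs."""
    if not entries:
        return _h(b"")
    if len(entries) == 1:
        return _h(b"\x00" + entries[0])           # leaf hash prefix
    k = _split(len(entries))
    return _h(b"\x01" + mth(entries[:k]) + mth(entries[k:]))  # node hash prefix

def chunk_hashes(entries: list, size: int = CHUNK) -> list:
    """Partial tree hashes: one subtree hash per aligned chunk of entries."""
    return [mth(entries[i:i + size]) for i in range(0, len(entries), size)]

def root_from_chunks(hashes: list) -> bytes:
    """Fold chunk subtree hashes into the log root with the same split rule."""
    if len(hashes) == 1:
        return hashes[0]
    k = _split(len(hashes))
    return _h(b"\x01" + root_from_chunks(hashes[:k]) + root_from_chunks(hashes[k:]))

def find_corrupted_chunks(downloaded: list, published: list, sth_root: bytes) -> list:
    """Indices of chunks to re-download instead of restarting the whole fetch."""
    # First tie the published partial hashes to the signed tree head.
    if root_from_chunks(published) != sth_root:
        raise ValueError("published chunk hashes do not match the STH root")
    local = chunk_hashes(downloaded)
    return [i for i, (a, b) in enumerate(zip(local, published)) if a != b]

# Constructed sample: 11 fake entries; entry 6 is damaged in the download.
LOG = [b"entry-%d" % i for i in range(11)]
STH_ROOT = mth(LOG)
PUBLISHED = chunk_hashes(LOG)
DAMAGED = LOG[:6] + [b"garbage"] + LOG[7:]
```

With only the root hash, the damaged download can be rejected but not repaired; with the per-chunk hashes, only entries 4 to 7 need to be fetched again.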