IETF Logo Mail Archive

Re: [Trans] Draft agenda

Phillip Hallam-Baker <hallam@gmail.com> Mon, 24 February 2014 21:13 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA8FE1A020E for <trans@ietfa.amsl.com>; Mon, 24 Feb 2014 13:13:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.301
X-Spam-Level: *
X-Spam-Status: No, score=1.301 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_48=0.6, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ODH3NHqSYDpS for <trans@ietfa.amsl.com>; Mon, 24 Feb 2014 13:13:01 -0800 (PST)
Received: from mail-lb0-x233.google.com (mail-lb0-x233.google.com [IPv6:2a00:1450:4010:c04::233]) by ietfa.amsl.com (Postfix) with ESMTP id 5B53C1A0250 for <trans@ietf.org>; Mon, 24 Feb 2014 13:13:01 -0800 (PST)
Received: by mail-lb0-f179.google.com with SMTP id l4so2606452lbv.24 for <trans@ietf.org>; Mon, 24 Feb 2014 13:13:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=NWt70GKKu6eFbJrrjYwcUB1mG9cCiGriV+31FfoWcx8=; b=unToYPgO2QPNUAUpkdSG9H+8OgE17OwkBFvv8GVgsbklBTjti874AAYMY3/0BWspWp Q7ecHZdLrXFPIzFKHqZGFmkdLIv2NiPXVXiRCNeHosigPNT3OWLB5NUm7QyJvtxNibkA k7AWa2DmlUklo1YX8buGPbVxjHL7Svv7ekfIDceUcDVjtzAxge08jBUBASc7FQuWH7FZ 61tNdXQHwMWM9VB6zEqP0EuKUjTjPcf53sfgzp56c08VMokGjqKUxD9yvH4Z63B7fck6 BOljm+KYwfeV8a7w0VtyjTxD7/zrTUHLjeKH2Mrgl0G8YsmIjv5Y4QOiT7PvPX+oIkZQ bScg==
MIME-Version: 1.0
X-Received: by 10.112.114.228 with SMTP id jj4mr12682135lbb.13.1393276380041; Mon, 24 Feb 2014 13:13:00 -0800 (PST)
Received: by 10.112.37.168 with HTTP; Mon, 24 Feb 2014 13:12:59 -0800 (PST)
In-Reply-To: <878ut0usxw.fsf@alice.fifthhorseman.net>
References: <53063600.4020102@gmail.com> <878ut0usxw.fsf@alice.fifthhorseman.net>
Date: Mon, 24 Feb 2014 16:12:59 -0500
Message-ID: <CAMm+LwjANZrgKXxRD-f4POdn7vz9_f1W2Mj8xTGEFVO9-3Unng@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Content-Type: multipart/alternative; boundary="001a1134cbfcb4d70d04f32d6f81"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/Y1G-snxU4EydYl9QqAoMPOCJW_M
Cc: "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Draft agenda
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2014 21:13:04 -0000

On Mon, Feb 24, 2014 at 4:00 PM, Daniel Kahn Gillmor
<dkg@fifthhorseman.net>wrote:

> On Thu 2014-02-20 12:06:08 -0500, Melinda Shore wrote:
> > I've uploaded a first crack at an agenda to
> > http://www.ietf.org/proceedings/89/agenda/agenda-89-trans.
> > Please let me know if anything is missing, or if you'd like
> > to request some time on the agenda.
>
> Thanks for organizing, Melinda!  I'd like to try to make a bit of time
> in the agenda to talk about the use of CT in the SMTP+STARTTLS
> environment.
>
> Given the current opportunistic mode that TLS is used for in SMTP, we
> may decide that there is no reasonable intersection at all today, but i
> think it would be worth putting the issue on people's radar with a brief
> discussion.
>
> For example, brief discussion of any of these questions might be useful:
>

What these all come down to is the question of using the CT log
infrastructure as a potential source for authoritative security policy.

It is a completely valid approach and one that I am looking at but in the
context of SMTP with S/MIME and PGP.

Whether or not these is time at the meeting, I suggest this is a discussion
we continue on therightkey because I have a feeling that Melinda is going
to kick us out pretty quick if we get into discussion of approaches. I
would kick me out.


This is why I think it is important to distinguish between keeping notary
logs for issue of certificates by CAs separate from the issue of how
notarize the notary logs. The way I see it we will end up eventually with
some collection of 'meta-notaries' which cross notarize at regular
intervals making defection or failure of a meta-notary of little concern.
Every meta-notary will cross notatrize every other within a 24hour period
so they are interchangable from a trust point of view.

I would see CT logs of SSL cert issue to be one input to the meta notaries,
CT logs of S/MIME certs another, PGP key signings another, security policy
statements another and so on.


-- 
Website: http://hallambaker.com/

v2.23.0 | Report a Bug | By Email