Re: [Trans] Verifying inclusion proof
Ondrej Mikle <ondrej.mikle@nic.cz> Tue, 07 July 2015 15:49 UTC
Return-Path: <ondrej.mikle@nic.cz>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC8151A8A3E for <trans@ietfa.amsl.com>; Tue, 7 Jul 2015 08:49:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.661
X-Spam-Level:
X-Spam-Status: No, score=-5.661 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_CZ=0.445, HOST_EQ_CZ=0.904, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9MkMF_x25vZn for <trans@ietfa.amsl.com>; Tue, 7 Jul 2015 08:49:02 -0700 (PDT)
Received: from mail.nic.cz (mail.nic.cz [217.31.204.67]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0E581A894F for <trans@ietf.org>; Tue, 7 Jul 2015 08:49:01 -0700 (PDT)
Received: from [IPv6:2001:1488:fffe:6:a9b2:4a1c:52ad:2178] (unknown [IPv6:2001:1488:fffe:6:a9b2:4a1c:52ad:2178]) by mail.nic.cz (Postfix) with ESMTPSA id 0C21218144F; Tue, 7 Jul 2015 17:49:00 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nic.cz; s=default; t=1436284140; bh=BmDjDRW/4Jba0RZXfAkb7oBaSGzNadbk5/meaATclDA=; h=Date:From:To; b=KZ+T7PNR9RCqB4GPbc5bh2P95WN5iVW/v7NHSAZTvUWsOYKny564sITtoFpoLhgqx 0PSqw6/pikdolH7vsiUXeUi9mpFRVryoW3zT0OG3RMueBn2KhGvB4UMFvnecj3EvsE PQNDSN3Df95AQhCIs0eQKKoOBn6YWkSfT3Pv4Uh4=
Message-ID: <559BF4EB.1080706@nic.cz>
Date: Tue, 07 Jul 2015 17:48:59 +0200
From: Ondrej Mikle <ondrej.mikle@nic.cz>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Ben Laurie <benl@google.com>, Adam Eijdenberg <eijdenberg@google.com>
References: <558D61DE.8020402@nic.cz> <CACM=_OeTnNCk+VSiQ1E5T2_a7YkxwxZ2w8HJSg13wtVc2wQUfA@mail.gmail.com> <55900D1D.2030009@bbn.com> <CABrd9SQV6tybHwgo=ZATEPjhsV64=5=O-fi10pcwHnAHCyArDA@mail.gmail.com> <20150628220648.GI13302@hezmatt.org> <CABrd9SS7-dDYUhJkFe99YQ2EtdO6x10y=VOc4Qr6ERL+PZq0hQ@mail.gmail.com> <20150629230458.GX30545@hezmatt.org> <CABrd9SSwixBdaF38LS4zf6KSCOqk=VML1MBia+to=eBfPhcfkg@mail.gmail.com> <CAP9QY5b160M7V71NvADcBJrip-c7i8gcSsQYpah3L+mYDxSqmg@mail.gmail.com> <CAP9QY5b2KQay14EiUOiLKCCRPt5X=ZKif5v=fihTzm6Fy8Dvsw@mail.gmail.com> <CABrd9SRjBokNZJmCWsTzre4Hj3OsheyvMmbC0UCQujU+bVS5iw@mail.gmail.com>
In-Reply-To: <CABrd9SRjBokNZJmCWsTzre4Hj3OsheyvMmbC0UCQujU+bVS5iw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 0.98.7 at mail
X-Virus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/YOiaLvKPlQ0gLWHK25G79hwgYYs>
Cc: Matt Palmer <mpalmer@hezmatt.org>, "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Verifying inclusion proof
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jul 2015 15:49:04 -0000
On 07/07/2015 03:09 PM, Ben Laurie wrote: > On 6 July 2015 at 20:22, Adam Eijdenberg <eijdenberg@google.com> wrote: >> To close this thread out, there were some errors in my previous code and >> algorithms in this thread. They have been corrected and added under section >> 5.5 in the new version of the Internet Draft published earlier today: >> https://tools.ietf.org/html/draft-ietf-trans-rfc6962-bis-08#section-5.5 >> >> I hope the new section is helpful for client implementors. > > BTW, Adam also implemented the algorithms to test them, you can find > them here: https://github.com/google/certificate-transparency-rfcs/blob/master/test_rfc_algorithms.py. Thank you all, the new text and code snippets mentioned in this thread do make the auditing much clearer. Ondrej
- [Trans] Verifying inclusion proof Ondrej Mikle
- Re: [Trans] Verifying inclusion proof Adam Eijdenberg
- Re: [Trans] Verifying inclusion proof Al Cutter
- Re: [Trans] Verifying inclusion proof Stephen Kent
- Re: [Trans] Verifying inclusion proof Ben Laurie
- Re: [Trans] Verifying inclusion proof Matt Palmer
- Re: [Trans] Verifying inclusion proof Ben Laurie
- Re: [Trans] Verifying inclusion proof Stephen Kent
- Re: [Trans] Verifying inclusion proof Phillip Hallam-Baker
- Re: [Trans] Verifying inclusion proof Matt Palmer
- Re: [Trans] Verifying inclusion proof Ben Laurie
- Re: [Trans] Verifying inclusion proof Ben Laurie
- Re: [Trans] Verifying inclusion proof Adam Eijdenberg
- Re: [Trans] Verifying inclusion proof Matt Palmer
- Re: [Trans] Verifying inclusion proof Adam Eijdenberg
- Re: [Trans] Verifying inclusion proof Adam Eijdenberg
- Re: [Trans] Verifying inclusion proof Ben Laurie
- Re: [Trans] Verifying inclusion proof Ondrej Mikle