IETF Logo Mail Archive

Re: [Trans] Call for adoption, draft-linus-trans-gossip-ct

Tom Ritter <tom@ritter.vg> Thu, 13 August 2015 00:34 UTC

Return-Path: <tom@ritter.vg>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B69491B2E77 for <trans@ietfa.amsl.com>; Wed, 12 Aug 2015 17:34:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.52
X-Spam-Level:
X-Spam-Status: No, score=0.52 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3wrMgbhlUEqr for <trans@ietfa.amsl.com>; Wed, 12 Aug 2015 17:34:52 -0700 (PDT)
Received: from mail-io0-x233.google.com (mail-io0-x233.google.com [IPv6:2607:f8b0:4001:c06::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2178A1B2E79 for <trans@ietf.org>; Wed, 12 Aug 2015 17:34:52 -0700 (PDT)
Received: by iodt126 with SMTP id t126so37356362iod.2 for <trans@ietf.org>; Wed, 12 Aug 2015 17:34:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ritter.vg; s=vg; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=6hEhDpU0ZFBcYR7YTF62jnxqFMm75FTKHs+p22hQ4x8=; b=vdtWZC/WNMkSRr47gAVEheFFVitFcrIzQ80oETX2LzGQUrbiC/VHz37STITlzTCj9+ z4katvvAf0CrRwxtcYykS9xuNYYtICf1rOlQ4Kw0WqA+drfKBkE3Ze/hkCk05pDD7Atj 7JbYpWJM9COo6WWDGWo0/ebcjLxjxrg1Ebhhs=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=6hEhDpU0ZFBcYR7YTF62jnxqFMm75FTKHs+p22hQ4x8=; b=VTQ9YnHYRyhzQ7MJdMbI1XwVWWyZGoerZCFtgsxWkq8k9ON8Rv9Ji0lkXYRPV80x9M ig7R+RqU/TUS3HJFLZFTl7W3HOMSEdz0Dj22i/8fuoaZzdAtjy5kDWLZF4mDyPvR1BlC e8lNzMdaBJ/zeECguJs9kuXKl8S4fBW6skRuwQphIZq/K/BVL3QTveagdTaFyNOEPA4w PHbbXliCQyeCl0i11UcHaHWtZdxmOH8o024bT0ZYlpJrYBEoorHRdS1e0i5iNnZ0UTaU sr6LVje2bgTu+m9QBbQVQpapVsqVuxUQvKa9lPeu/tMH9x7oYF58cLa8XVCfaglZUPNQ WS4Q==
X-Gm-Message-State: ALoCoQnGn2AhY1cQiLfW496jqRbyizln5jedOgCRizDHjnzH97A8ootBSlsNquhzaZuWAYnY6PGp
X-Received: by 10.107.131.168 with SMTP id n40mr40074380ioi.47.1439426090917; Wed, 12 Aug 2015 17:34:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.79.71.1 with HTTP; Wed, 12 Aug 2015 17:34:31 -0700 (PDT)
In-Reply-To: <1AD5EA0D-5E8C-4C1D-B32C-24CB9375C8F2@gmail.com>
References: <mailman.3884.1437667800.3631.trans@ietf.org> <6E6EF479-66BE-4EBE-956C-22009BCED863@gmail.com> <CABrd9SRG-SQtADhS=hee_Zf4vzMETyZOYtqg5Xp82Dq70C0puQ@mail.gmail.com> <7BE2DAF1-6D52-4E6C-A00D-0F91B74B5028@gmail.com> <CABrd9SRXHH6FS=FeTp-fw8EHF5yeGEY=zu3rva+HCXZ0UQ9STA@mail.gmail.com> <1AD5EA0D-5E8C-4C1D-B32C-24CB9375C8F2@gmail.com>
From: Tom Ritter <tom@ritter.vg>
Date: Wed, 12 Aug 2015 19:34:31 -0500
Message-ID: <CA+cU71=+2skS1E1Fi8B7cFPaqhrc1Lo7UBgLbfQrFZrMM+-oGw@mail.gmail.com>
To: Bryan Ford <brynosaurus@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/as4DfY8KcyV14cxqXZHRLwgVR5E>
Cc: "trans@ietf.org" <trans@ietf.org>, Ben Laurie <benl@google.com>
Subject: Re: [Trans] Call for adoption, draft-linus-trans-gossip-ct
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Aug 2015 00:34:53 -0000

On 8 August 2015 at 12:25, Bryan Ford <brynosaurus@gmail.com> wrote:
> [Many good things]

Okay.  If I simplify unfairly I think I agree with many of the root
points of your email.

1) Yes, more logs plus even a weeks worth of STHs probably affords too
much ability for tracking. Releasing a STH will have some sort of
probability attached to it, but again 'statistics'[0]. I've open a
ticket to make sure we don't lose this.

2) Yes, a multi-signer log is more resistant to attack than a
single-signer log. I would note there's nothing that would stop
someone from running a multi-signer log using distributed signing; and
if you can work out the practicalities, your log would probably be
seen as one of the more trustworthy ones. I'm doubtful of the
likelihood of converting existing logs into this model, but since CT
can evolve over time, and logs can be removed/added, there's no reason
it can't be a long-term goal.

-tom

[0] I think there will be a revival (or at least a re-visit) of the
research done for pooling strategies in remailers. There was a paper
that summed up all the different pooling strategies. Don't remember
the name, but I know it's on http://www.freehaven.net/anonbib/

v2.23.0 | Report a Bug | By Email