Re: [Trans] Future work

Al Cutter <al@google.com> Thu, 17 August 2017 10:35 UTC

In-Reply-To: <CABrd9SQYWYSxd4hUyRrqCpqJ20sHOUdULpQ0q+qkqCFa_sEVsw@mail.gmail.com>
References: <2a482e03-7ac9-d5e3-9d69-7694daf1265b@gmail.com> <20170816130921.01d50cfec40efb33ab4f0618@andrewayer.name> <CABrd9SQYWYSxd4hUyRrqCpqJ20sHOUdULpQ0q+qkqCFa_sEVsw@mail.gmail.com>
From: Al Cutter <al@google.com>
Date: Thu, 17 Aug 2017 11:35:26 +0100
Message-ID: <CACM=_OczZOWigG6Ovmh+vaE089O2k4ewSAZsiTaSRfHbjYQnAA@mail.gmail.com>
To: Ben Laurie <benl@google.com>
Cc: Andrew Ayer <agwa@andrewayer.name>, Melinda Shore <melinda.shore@gmail.com>, "trans@ietf.org" <trans@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/iWwZckInM3MG25LNAblPcMJEgvY>

On Thu, Aug 17, 2017 at 10:32 AM, Ben Laurie <benl@google.com> wrote:

> On 16 August 2017 at 21:09, Andrew Ayer <agwa@andrewayer.name> wrote:
>
>> On Wed, 16 Aug 2017 11:25:20 -0800
>> Melinda Shore <melinda.shore@gmail.com> wrote:
>>
>> > Hi, all:
>> >
>> > With our major deliverable now pushed out towards IETF
>> > last call, it's time to start considering whether or not
>> > there's additional work to do, or if we're done.  As
>> > we've talked about before, we know that there's at least
>> > some interest in:
>> >
>> > . a client behavior document
>> > . logging DNSSEC records
>> > . logging binaries
>>
>> I've also seen interest expressed on the mailing list for:
>>
>> * A monitor API
>>
>
> Since we now know how to build verifiable monitors, perhaps that is part
> of an API?
>
>> * A strict version of CT
>>
>
> What do you mean by this?
>
>>
>> > Plus, I'm somewhat concerned about lack of gossip implementation
>> > and deployment, and it's worth considering whether that's because
>> > of lack of interest or because people running logs don't think
>> > that what's in the gossip spec is suitable for their needs.
>>
>> Note that logs don't participate in gossip, so your question is one
>> for TLS clients and monitors/auditors.
>>
>> The biggest problem is that the gossip spec only works with CTv2,
>> and there are no CTv2 logs in existence, let alone implementations.
>>
>> Nevertheless, there's a fairly obvious and minor modification to make
>> STH pollination work with CTv1, and I know of 7 different
>> monitor/auditor implementations which are using this variation of the
>> spec to exchange STHs from publicly-trusted CTv1 logs.
>>
>> That said, I know of no implementations of SCT feedback, nor of any plans
>> by TLS clients to implement any part of gossip.
>>
>
> IMO "gossipless gossip", i.e. cross-logging of STHs is the way to go.
>

I agree, but you knew that already :)

To the broader, original question - I do think there's plenty more work to
do, but I'd prefer to see any document work happening in parallel with
experimentation and implementations (and again I admit I'm not familiar
with IETF process, so feel free to tell me that's not how it's supposed to
work).
With that in mind, my team intends to start some experimental work on the
verifiable monitor and gossip topics soon (probably Q4 time-frame), once
we've dealt with getting Trillian-based CT Logs into service, and related
existing-ecosystem work; and if there's interest we'd welcome discussion
and collaboration either here or over on the CT list.

Cheers,
Al.

>> Regards,
>> Andrew
>>
>> _______________________________________________
>> Trans mailing list
>> Trans@ietf.org
>> https://www.ietf.org/mailman/listinfo/trans
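The thread above talks about STH pollination and "gossipless gossip" (cross-logging of STHs) without spelling out what an auditor actually does once it holds two STHs for the same log from different sources. The following is an added example written for this archive page; it is not code from the thread, the TRANS WG, or Google's CT/Trillian implementations. It implements the RFC 6962 Merkle tree hash, the consistency proof generator, and the RFC 9162 verifier, and then shows the check that makes exchanging STHs useful: two STHs of equal size must have equal roots, and two STHs of different sizes must be bridged by a consistency proof the log can actually produce. Assumptions: an STH is reduced to (tree_size, root_hash) with the log signature left out, and the names ToyLog, audit_sth_pair and the b"cert-N" entries are invented for the illustration.

```python
"""Toy RFC 6962 log: STHs, consistency proofs and an auditor's split-view check.
Added example, not code from this thread or from the TRANS WG / Trillian.
Assumed: STH = (tree_size, root_hash), no signature; ToyLog/audit_sth_pair and
the b"cert-N" entries are invented for illustration."""
import hashlib
from dataclasses import dataclass
from typing import Dict, List

def hash_leaf(data: bytes) -> bytes:
    """RFC 6962 leaf hash, domain-separated with a 0x00 prefix."""
    return hashlib.sha256(b"\x00" + data).digest()

def hash_node(left: bytes, right: bytes) -> bytes:
    """RFC 6962 interior node hash, domain-separated with a 0x01 prefix."""
    return hashlib.sha256(b"\x01" + left + right).digest()

def _split(n: int) -> int:
    """Largest power of two strictly less than n (n >= 2)."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k

def merkle_tree_hash(leaves: List[bytes]) -> bytes:
    """MTH(D[n]) per RFC 6962 section 2.1; the empty tree hashes the empty string."""
    n = len(leaves)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return hash_leaf(leaves[0])
    k = _split(n)
    return hash_node(merkle_tree_hash(leaves[:k]), merkle_tree_hash(leaves[k:]))

def consistency_proof(leaves: List[bytes], m: int) -> List[bytes]:
    """PROOF(m, D[n]) per RFC 6962 section 2.1.2, n = len(leaves), 0 < m <= n."""
    def subproof(m: int, d: List[bytes], b: bool) -> List[bytes]:
        n = len(d)
        if m == n:
            return [] if b else [merkle_tree_hash(d)]
        k = _split(n)
        if m <= k:
            return subproof(m, d[:k], b) + [merkle_tree_hash(d[k:])]
        return subproof(m - k, d[k:], False) + [merkle_tree_hash(d[:k])]
    if not 0 < m <= len(leaves):
        raise ValueError("need 0 < m <= n")
    return subproof(m, leaves, True)

def verify_consistency(first: int, second: int, first_hash: bytes,
                       second_hash: bytes, proof: List[bytes]) -> bool:
    """Consistency verifier per RFC 9162 section 2.1.4.2 (RFC 6962 proofs)."""
    if first == second:
        return first_hash == second_hash and not proof
    if first == 0 or first > second:
        return False
    path = list(proof)
    if first & (first - 1) == 0:          # first is an exact power of two
        path = [first_hash] + path
    if not path:
        return False
    fn, sn = first - 1, second - 1
    while fn & 1:                         # strip trailing 1 bits of fn
        fn, sn = fn >> 1, sn >> 1
    fr = sr = path[0]
    for c in path[1:]:
        if sn == 0:
            return False
        if (fn & 1) or fn == sn:
            fr, sr = hash_node(c, fr), hash_node(c, sr)
            while (fn & 1) == 0 and fn != 0:
                fn, sn = fn >> 1, sn >> 1
        else:
            sr = hash_node(sr, c)
        fn, sn = fn >> 1, sn >> 1
    return fr == first_hash and sr == second_hash and sn == 0

@dataclass(frozen=True)
class STH:
    tree_size: int
    root_hash: bytes

class ToyLog:
    """Stand-in for a CT log: append entries, publish STHs, serve consistency proofs."""
    def __init__(self, entries=()):
        self.leaves = list(entries)
    def append(self, entry: bytes) -> None:
        self.leaves.append(entry)
    def sth(self) -> STH:
        return STH(len(self.leaves), merkle_tree_hash(self.leaves))
    def consistency(self, first: int, second: int) -> List[bytes]:
        return consistency_proof(self.leaves[:second], first)

def audit_sth_pair(log: ToyLog, a: STH, b: STH) -> str:
    """Auditor check on two STHs for one log obtained from different sources
    (own fetch, pollinated STH, STH cross-logged elsewhere)."""
    if a.tree_size > b.tree_size:
        a, b = b, a
    if a.tree_size == b.tree_size:
        return "consistent" if a.root_hash == b.root_hash else "split-view"
    proof = log.consistency(a.tree_size, b.tree_size)
    ok = verify_consistency(a.tree_size, b.tree_size, a.root_hash, b.root_hash, proof)
    return "consistent" if ok else "split-view"

def demo() -> Dict[str, str]:
    entries = [b"cert-%d" % i for i in range(5)]     # constructed sample entries
    log = ToyLog(entries[:3])
    sth_monitor = log.sth()                          # size 3, as seen by a monitor
    for e in entries[3:]:
        log.append(e)
    sth_client = log.sth()                           # size 5, as seen by a client later
    # Log equivocating to one party: same size as sth_monitor, entry 1 replaced.
    sth_forked = ToyLog([b"cert-0", b"cert-1-hidden", b"cert-2"]).sth()
    return {"honest": audit_sth_pair(log, sth_monitor, sth_client),
            "same_size": audit_sth_pair(log, sth_monitor, sth_forked),
            "cross_size": audit_sth_pair(log, sth_forked, sth_client)}

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```

The "cross_size" case is the interesting one: the forked STH is a perfectly well-formed tree head of size 3, and the only thing that exposes it is that the log cannot supply a consistency proof from it to the size-5 head everyone else saw. That is exactly why exchanging STHs (by pollination or cross-logging) is enough to detect a split view without any SCT feedback from clients.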