Re: [Trans] Putting illegal stuff in an append only ledger
Ryan Sleevi <ryan-ietf@sleevi.com> Thu, 29 March 2018 13:59 UTC
Return-Path: <ryan-ietf@sleevi.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DD6312DA4F for <trans@ietfa.amsl.com>; Thu, 29 Mar 2018 06:59:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 430AzL4jVrDV for <trans@ietfa.amsl.com>; Thu, 29 Mar 2018 06:59:38 -0700 (PDT)
Received: from homiemail-a34.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52A32124BE8 for <trans@ietf.org>; Thu, 29 Mar 2018 06:59:38 -0700 (PDT)
Received: from homiemail-a34.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a34.g.dreamhost.com (Postfix) with ESMTP id 506BFA004F30 for <trans@ietf.org>; Thu, 29 Mar 2018 06:59:11 -0700 (PDT)
Received: from mail-it0-f49.google.com (mail-it0-f49.google.com [209.85.214.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: ryan@sleevi.com) by homiemail-a34.g.dreamhost.com (Postfix) with ESMTPSA id D2EB6A004F33 for <trans@ietf.org>; Thu, 29 Mar 2018 06:58:31 -0700 (PDT)
Received: by mail-it0-f49.google.com with SMTP id 71-v6so6065628ith.2 for <trans@ietf.org>; Thu, 29 Mar 2018 06:58:29 -0700 (PDT)
X-Gm-Message-State: AElRT7G1kF/XM4ffK5dimPnzWB9h1HC3h0tecLoSnEu6Ugjj/4xkZKux f6u2AMIoX2FAZrpXquXAzpKN5/zzZfhbuMU2wy0=
X-Google-Smtp-Source: AIpwx4/6PMC5HdHrqXVl/KfzghsvDlnrFSokL+Rbnwx32NEDIWnZTRVH54BCxdMW22ssLt5Oa9mB72JM8lllw+g7vJk=
X-Received: by 2002:a24:19c9:: with SMTP id b192-v6mr6546126itb.1.1522331901593; Thu, 29 Mar 2018 06:58:21 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.2.152.80 with HTTP; Thu, 29 Mar 2018 06:58:21 -0700 (PDT)
In-Reply-To: <87fu4qo79n.fsf@fifthhorseman.net>
References: <C7855D7B-E853-443F-9C7E-4C901216CDFB@nohats.ca> <A8C94DE7-537D-4455-97A6-65E54D537D0B@taoeffect.com> <87k1u5sqv2.fsf@fifthhorseman.net> <D6B17BF8-5DF3-4FEB-83B6-CC7383ADED7A@taoeffect.com> <87fu4qo79n.fsf@fifthhorseman.net>
From: Ryan Sleevi <ryan-ietf@sleevi.com>
Date: Thu, 29 Mar 2018 09:58:21 -0400
X-Gmail-Original-Message-ID: <CAErg=HHsz5xcqwURnAdgB5K=1T8Ltu+r7YOppbOdR7Pn3hzv7Q@mail.gmail.com>
Message-ID: <CAErg=HHsz5xcqwURnAdgB5K=1T8Ltu+r7YOppbOdR7Pn3hzv7Q@mail.gmail.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: Tao Effect <contact@taoeffect.com>, Paul Wouters <paul@nohats.ca>, Trans <trans@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000398e9c05688d8477"
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/n3eTDP9yj0VKe3bmnM0ASdPTwVo>
Subject: Re: [Trans] Putting illegal stuff in an append only ledger
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2018 13:59:42 -0000
On Fri, Mar 23, 2018 at 4:40 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > On Wed 2018-03-21 18:22:57 -0400, Tao Effect wrote: > > This is specific to Bitcoin and Bitcoin-like datastructures which > > simply do not allocate enough room for arbitrary data. > > Thanks for clarifying this! If i understand correctly, your argument > appears to depend on all three of the following assertions: > > a) the chunks of arbitrary data that can be injected in the > datastructure in question are smaller than some specific size (let's > call it X bytes). > > b) there is no standard mechanism used for the datastructure in > question that aggregates multiple pieces of arbitrarily-injected > data into any larger structure. > > c) there is no toxic data that is X bytes or smaller. > > is that right? I don't know the Bitcoin protocol that well. What is > the value of X for the Bitcoin blockchain? > > Is (a) some sort of general principle that we should try to include in > designs of any append-only globally-distributed datastructures? > > how do we ensure that (b) remains the case? how do we verify that (c) > is true in the jurisdictions that we care about? Note that for Certificate Transparency, neither (a) or (b) necessarily holds true if we accept arbitrary certificate profiles. For example, the use of the LogoType extension could allow for such direct encoding in full. In this regard, there is an operational concern that merely states that CAs should not do this, and logs are reliant on sanctions against CAs that do this. For an ecosystem of publicly trusted CAs, the non-technical considerations - such as risk of distrust, or the existence of the Baseline Requirements - serve to curtail most forms of abuse, by restricting through policy or practice what a CA normatively should encode within a certificate. However, there are exceptions to this. For example, the existence of a technically-constrained sub-CA is generally a signal of an operational hand-off - akin to a DNS zone-split - in which key material is no longer held by the party whose existence is vested in the root key material, but instead handed off to some third-party. A hostile technically constrained sub-CA could thus encode arbitrary data within certificates they issue, and from that, cause sanction to be visited upon the root. Here, again, we have non-technical forces of sanction - such as contracts between the two parties - to discourage the use. In practice, one would expect that should such content be logged, one possible remedy is for the log to shut down. From an operational standpoint, clients are being built with a notion of log agility being a routine practice, although the target seems to be based on annual refreshes, it does seem possible to account for exceptional situations. Based on the above considerations, it seems that at a policy level, we have a number of options already available, and, in an absolute 'worst-case' doomsday scenario, logs become gatekeepers for certificate profiles (only accepting conforming certificates), while serving as transparent attestations of the validated information - rather than their function today, serving as attestations both of certificate profiles and validated information.
- [Trans] Putting illegal stuff in an append only l… Paul Wouters
- Re: [Trans] Putting illegal stuff in an append on… Tao Effect
- Re: [Trans] Putting illegal stuff in an append on… Daniel Kahn Gillmor
- Re: [Trans] Putting illegal stuff in an append on… Tao Effect
- Re: [Trans] Putting illegal stuff in an append on… Daniel Kahn Gillmor
- Re: [Trans] Putting illegal stuff in an append on… Tim Hollebeek
- Re: [Trans] Putting illegal stuff in an append on… Ryan Sleevi