Re: [Trans] Mail regarding draft-ietf-trans-rfc6962-bis
Paul Wouters <paul@nohats.ca> Mon, 04 September 2023 16:39 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70905C15E406 for <trans@ietfa.amsl.com>; Mon, 4 Sep 2023 09:39:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.404
X-Spam-Level:
X-Spam-Status: No, score=-4.404 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oFm6L7iF026N for <trans@ietfa.amsl.com>; Mon, 4 Sep 2023 09:39:44 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4198EC1524AA for <trans@ietf.org>; Mon, 4 Sep 2023 09:39:43 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 4RfZ9T3yQZz3Nt; Mon, 4 Sep 2023 18:39:41 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1693845581; bh=bab1qWcorVnyn7LZNku0Q9fpeBDLwaQz/MA6KH5Grqw=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=FwsnnXGMu1IrLelscaMtuwLii49Mlgp9c9neg5VEpYoEXFfI6ovVpPV2YIOEG6nWw SBWSZ1qF1VLkvtGTJyU3/4VpC8LsueajzOBIwG+8DVGZRZWfbaW+XwKJxkrKKGRSOC 0Zljbpmd93yKi3Vl60bFws/2aXfLyRxdenl9w7ZM=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 0ic4iLbutXLC; Mon, 4 Sep 2023 18:39:40 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [193.110.157.194]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Mon, 4 Sep 2023 18:39:39 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id F058F105A2B8; Mon, 4 Sep 2023 12:39:38 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id ED7DB105A2B7; Mon, 4 Sep 2023 12:39:38 -0400 (EDT)
Date: Mon, 04 Sep 2023 12:39:38 -0400
From: Paul Wouters <paul@nohats.ca>
To: Aljoscha Meyer <research@aljoscha-meyer.de>
cc: trans@ietf.org
In-Reply-To: <4a0703f8-600e-416e-a06c-f81c68ea654c@aljoscha-meyer.de>
Message-ID: <221d91d6-b523-594b-36fd-16b8cb7dbbaa@nohats.ca>
References: <4a0703f8-600e-416e-a06c-f81c68ea654c@aljoscha-meyer.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/tyNMweX8LReuMee3pkkLxju9jKo>
Subject: Re: [Trans] Mail regarding draft-ietf-trans-rfc6962-bis
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Sep 2023 16:39:48 -0000
On Fri, 1 Sep 2023, Aljoscha Meyer wrote: > Subject: [Trans] Mail regarding draft-ietf-trans-rfc6962-bis Do you mean RFC6962 or RFC9162 ? https://datatracker.ietf.org/doc/html/rfc9162 > Dear WG for the Certificate Transparency RFC, Technically, the CT WG closed, but the list is still active for discussions on these topics, so thank you for these emails and information. > I want to point you to two (not yet peer-reviewed) paper drafts of mine that > pertain to CT. The CT RFC and literature barely looks beyond Merkle trees, > and is missing out on some interesting and efficient constructions. > > The first paper frames append-only logs in a more general light, bridges the > gap to the rich literature on secure timestamping, characterizes a graph > class that contains Merkle-tree-based logs but also many other designs, and > derive some efficiency criteria under which CT logs are less than ideal: > https://arxiv.org/abs/2308.13836 > > The second paper proposes an alternate design that has shorter consistency > proofs than CT, has constant-size inclusion proofs for item i from the i-th > signed tree head (and twice as small inclusion proofs on average for > arbitrary items from arbitrary STHs), and requires asymptotically less > metadata: https://arxiv.org/abs/2308.15058 A quick peek shows this design improves on RFC9162. > I'm not familiar with the ietf processes, and given the existing adoption of > CT, there is probably little practical impact to be had. But at the very > least I wanted to inform you of this material, and I'm happy to answer any > question or hear about any faults it might have. I think the deployment of 9162 is still pretty meager, and that most CT logs are still on 6962, but I haven't kept track in the last few years. So in a way, such a smaller deployment might be easier to update if there are concrete advantages. Although I'm not sure performance is a big factor in this? Of course, it never hurts to write it up in a draft and see if people get interested. Possible ways to publish an RFC from that are to re-open the trans WG (via a new BoF) or if this is deemed a one-off, perhaps the route of AD Sponsor would be possible. A third way, which I think makes less sense, is publication in the Independent Stream (ISE). But since 9162 is Experimental, that could be done. Thanks for your work on this and for letting us know, Paul
- [Trans] Mail regarding draft-ietf-trans-rfc6962-b… Aljoscha Meyer
- Re: [Trans] Mail regarding draft-ietf-trans-rfc69… Paul Wouters
- Re: [Trans] Mail regarding draft-ietf-trans-rfc69… Melinda Shore