IETF Logo Mail Archive

Re: [Trans] Proving certificate freshness

David Leon Gil <coruus@gmail.com> Wed, 01 October 2014 14:41 UTC

Return-Path: <coruus@gmail.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4DE91ACE0D for <trans@ietfa.amsl.com>; Wed, 1 Oct 2014 07:41:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pihslZ1IAsul for <trans@ietfa.amsl.com>; Wed, 1 Oct 2014 07:41:18 -0700 (PDT)
Received: from mail-lb0-x232.google.com (mail-lb0-x232.google.com [IPv6:2a00:1450:4010:c04::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10ED21ACE01 for <trans@ietf.org>; Wed, 1 Oct 2014 07:41:17 -0700 (PDT)
Received: by mail-lb0-f178.google.com with SMTP id w7so463062lbi.23 for <trans@ietf.org>; Wed, 01 Oct 2014 07:41:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=LLLaYoE04G8cbB688t8gaOEVu5P56Cvi0JtSWKRhW0g=; b=NG6Jrt7AX8aHGMLYXgeVZU5yifnM4IX58tKVDnaDN4e5oocXocQvnBTfLsi1OJhGrY AACl95F8MhlO/2Tsks/hDFq6ODDLeIEnXkM5Ra+kE+ticIyRrvfKWeqJc+9Hmb3skXX+ 185d6GHjuSSiDCOUC4yzX1sCdR83IKF/2dnKqr7822mEJX2nIAGjQRUJtmFXSPWKd+qC XMIMJ9N0RiAZ+lBmQ+Tm5xIJ2xDgxn+b9EiQ7chShM4DdxYMu1MWfrZ5wcWh0binnf5L 2ca4nwK2snqyEY7JawFWAAd/xMLsjmtgyPy6AxLgRN7kZ6wGB0cJFandw2++B7EZ2kuS gVpw==
X-Received: by 10.112.160.42 with SMTP id xh10mr11988512lbb.97.1412174476391; Wed, 01 Oct 2014 07:41:16 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.218.145 with HTTP; Wed, 1 Oct 2014 07:40:56 -0700 (PDT)
In-Reply-To: <CABrd9SQurpoFUmbDLXs4viSr=BHmFrFTMicDBSJ0HzBs_cU14A@mail.gmail.com>
References: <CAA7UWsXpTzMgrDNo73cB5U_Q3wS2xDsGpws-4njXqEDJm-TG3A@mail.gmail.com> <542C0587.3080702@fifthhorseman.net> <CABrd9SQurpoFUmbDLXs4viSr=BHmFrFTMicDBSJ0HzBs_cU14A@mail.gmail.com>
From: David Leon Gil <coruus@gmail.com>
Date: Wed, 01 Oct 2014 10:40:56 -0400
Message-ID: <CAA7UWsWP22az+Tw8yyiXXBKpvW5qNSdaWaYKm+zRQyrqYWRY9Q@mail.gmail.com>
To: Ben Laurie <benl@google.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/uxLOvIbJ53HxJqewaeEIAFbPVYA
Cc: "trans@ietf.org" <trans@ietf.org>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Subject: Re: [Trans] Proving certificate freshness
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Oct 2014 14:41:19 -0000

On Wed, Oct 1, 2014 at 10:08 AM, Ben Laurie <benl@google.com> wrote:
> However, if you're prepared to modify servers, then you might as well
> go the whole hog and implement revocation transparency, which would
> make it impossible to use a revoked certificate from some short-ish
> time after revocation.

Generally agreed; the proposal is mainly intended as a stop-gap until
then. It doesn't require any new transparency server infrastructure.
(It also is essentially free gossip about STHs for clients.)

> note that our
> current thinking on verifying maps is you have a CT-like log of state
> changes, which the verifiable map is required to be consistent with,
> rather than maintaining a log of root hashes as suggested in that
> paper).

This seems an improvement. Could this log be integrated with CT
issuance logs? (That is, have a single "certificate event" log?)


Also, a question about RT: Why not require all RT logs to be
identical? That is, simply require that they reach consensus on a
tree-head hash. (This requires using, e.g., an order on (domain,
time), of course.)

(Perhaps this came up in the early days of CT design, but I wasn't
able to find discussion of it.)

v2.23.0 | Report a Bug | By Email