Re: [Trans] Threat model outline, attack model

Ralph Holz <holz@net.in.tum.de> Mon, 29 September 2014 21:01 UTC


Hi Gervase,

I agree; I was trying to give an upper bound.

I think the original CT design documents spoke about "maybe 30 logs, but
certainly a lot less than 1000" or so.

Ralph

On 09/29/2014 03:23 PM, Gervase Markham wrote:
> On 28/09/14 13:17, Ralph Holz wrote:
>> * That leaves us with an undisclosed number of intermediate
>> certificates issued by CAs.
> 
> And why would any of those want to run a log anyway, more than a
> random person? I'd expect them in most cases to submit their certs to
> the log run by the parent CA.
> 
> I wonder also if small CAs would pool resources to run a log. After
> all, it's not a customer-facing function.
> 
> So I'd be surprised if we see 60 logs.
> 
> Gerv


-- 
Ralph Holz
I8 - Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
Phone +49.89.289.18010
PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF