Jonathan Rudenberg pointed out that Keybase is providing transparency similar to what we've talked about [1]:
https://keybase.io/docs/server_security https://keybase.io/docs/server_security/merkle_root_in_bitcoin_blockchain Whenever their user database changes they make available (via API) a new signed Merkle Tree root covering the entire database. Given a root, users can fetch a small proof that a user's entry was included [2]. To ensure root hashes are widely seen they * include them in the Bitcoin blockchain * have users sign them when they issue signatures. Keybase has a web-of-trust system of users signing each other's keys ("tracking"); including roots into this seems similar to CT's "gossip". So that creates a widely-seen record of what they've published. Seems like efficiency could be improved, particularly if you imagine this used for real-time monitoring / notifying / checking with a large userbase. A new root for every change seems ultimately impractical (for the keyserver as well as monitors and users). CT has the concept of "merge delay" where logs are issued periodically, so a browser might need to wait a few hours before performing the post-facto lookup for a freshly-logged cert's audit proof. I wonder if something like that might be needed. Anyways, definitely worth reading above links and poking around, it's cool to see people trying this. Trevor [1] https://moderncrypto.org/mail-archive/messaging/2014/000226.html https://moderncrypto.org/mail-archive/messaging/2014/000244.html [2] https://keybase.io/docs/api/1.0/call/merkle/root https://keybase.io/docs/api/1.0/call/merkle/block _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
