Andrew David Wong:
> On 2017-04-01 10:39, iry wrote:
>> Hi Radoslaw, thank you very much for your reply!
>
>> Radoslaw Szkodzinski:
>>> Easy to answer: The proof of freshness is simply to show these
>>> were not made ahead of time and then released later after a
>>> compromise to fool everyone.
>
>> Could you please tell me "these were not made ahead of time" by
>> whom?
>
>> If it is used to prove "these were not made ahead of time" by
>> Qubes developers, then it is assuming that we do not trust the
>> Qubes developers who made and signed the warrant.
>
>> 1. But if we do not trust them not signing the warrant in
>> advance, why can we trust what they said in the warrant? Won't
>> the whole warrant become meaningless?
>> 2. Besides, if we do not trust them, we can even assume they are
>> just using a script that can generate, sign and publish the
>> warrant automatically every certain length of time.
>
>> If we trust the Qubes developers who made and signed the
>> warrant, shouldn't the system date included in the signed message
>> blocks be enough to prove the freshness?
>
>> If it is used to prove "these were not made ahead of time" by an
>> adversary, then it may make a little bit more sense.
>
>> Thank you very much! I am looking forward to a further
>> discussion!
>
>
> A good question, but it sounds like you're assuming a simplistic,
> binary model of trust that doesn't accurately reflect trust
> dynamics in the real world.

Thank you very much for pointing out my logic flaw here. I agree with you that the trust model is not binary in the real world.

> Just because an assertion *can* be accepted on trust doesn't mean
> that there's no value in providing proof for it

I agree with you that there is some extra value in providing the proof of freshness, which has also been pointed out by Jean-Philippe.

> especially if the proof is easy to produce. Providing proof in one
> area (especially at consistent intervals over a long period of
> time) can serve to bolster overall trust.

Thank you very much for your answer, Andrew! You've helped me think more clearly now!

Best,
iry
