On 12 December 2013 01:32, Paul Lambert <[email protected]> wrote: > > > On 12/11/13, 8:55 AM, "Ben Laurie" <[email protected]> wrote: > >>Who's in? > Very cool concept Š very broad possible applications. > Less interested in HTTPS/TLS, but many applications.
Great - can you be more specific what interests you? > > Paul > > >> >>"Problem statement: many Internet protocols require a mapping between >>some kind of identifier and some kind of key, for example, HTTPS, >>SMTPS, IPSec, DNSSEC and OpenPGP. >> >>These protocols rely on either ad-hoc mappings, or on authorities >>which attest to the mappings. >> >> >>History shows that neither of these mechanisms is entirely >>satisfactory. Ad-hoc mappings are difficult to discover and maintain, >>and authorities make mistakes or are subverted. >> >> >>Cryptographically verifiable logs can help to ameliorate the problems >>by making it possible to discover and rectify errors before they can >>cause harm. >> >> >>These logs can also assist with other interesting problems, such as >>how to assure end users that software they are running is, indeed, the >>software they intend to run. >> >> >>Work items: Specify a standards-track mechanism to apply verifiable >>logs to HTTP/TLS (i.e. RFC 6962-bis). >> >> >>Discuss mechanisms and techniques that allow cryptographically >>verifiable logs to be deployed to improve the security of protocols >>and software distribution. Where such mechanisms appear sufficiently >>useful, the WG will re-charter to add relevant new work items." >>_______________________________________________ >>therightkey mailing list >>[email protected] >>https://www.ietf.org/mailman/listinfo/therightkey > _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
