>> >> On 12/11/13, 8:55 AM, "Ben Laurie" <[email protected]> wrote: >> >>>Who's in? >> Very cool concept Š very broad possible applications. >> Less interested in HTTPS/TLS, but many applications. > >Great - can you be more specific what interests you?
1) Basic logs and the ability to have assurance on time and order 2) Distributed authorization systems with an ability to demonstrate the existence and ordering of authorization statements 3) Time stamps and time synchronization 4) Group membership / enrollment 5) 'key centric' identity (mappings using hashes of keys as identity) 6) Service description and discovery without central registration Paul > >> >> Paul >> >> >>> >>>"Problem statement: many Internet protocols require a mapping between >>>some kind of identifier and some kind of key, for example, HTTPS, >>>SMTPS, IPSec, DNSSEC and OpenPGP. >>> >>>These protocols rely on either ad-hoc mappings, or on authorities >>>which attest to the mappings. >>> >>> >>>History shows that neither of these mechanisms is entirely >>>satisfactory. Ad-hoc mappings are difficult to discover and maintain, >>>and authorities make mistakes or are subverted. >>> >>> >>>Cryptographically verifiable logs can help to ameliorate the problems >>>by making it possible to discover and rectify errors before they can >>>cause harm. >>> >>> >>>These logs can also assist with other interesting problems, such as >>>how to assure end users that software they are running is, indeed, the >>>software they intend to run. >>> >>> >>>Work items: Specify a standards-track mechanism to apply verifiable >>>logs to HTTP/TLS (i.e. RFC 6962-bis). >>> >>> >>>Discuss mechanisms and techniques that allow cryptographically >>>verifiable logs to be deployed to improve the security of protocols >>>and software distribution. Where such mechanisms appear sufficiently >>>useful, the WG will re-charter to add relevant new work items." >>>_______________________________________________ >>>therightkey mailing list >>>[email protected] >>>https://www.ietf.org/mailman/listinfo/therightkey >> _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
