So the concern is log servers that are going to reserve the right to "go rogue" 
by using weak crypto that could be subverted?  Or is there a different concern?
 
I believe this can be addressed by leaving the data formats future-proof, but 
mandating the crypto in the RFC. For example, put a hash identifier (OID, TLS 
id, whatever) in the hash entry, but the RFC says "MUST use SHA-256."  To make 
it even stronger, you could set up an IANA registry. Being pragmatic, nobody's 
going to implement anything other than what Chrome supports, at least at first. 
And by making log data self-identifying, you can (quietly) perform experiments 
on new crypto types.

        /r$

--  
Principal Security Engineer
Akamai Technology
Cambridge, MA

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
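
The design proposed in the message above, as an added example that is not part of the original post or of any CT specification: a constructed entry format (1-byte TLS HashAlgorithm id, 1-byte length, digest) that stays self-identifying, while the verifier enforces "MUST use SHA-256". The entry layout, the function names and the `experimental` switch are assumptions for illustration.

```python
import hashlib
import hmac

# TLS 1.2 HashAlgorithm code points (RFC 5246, section 7.4.1.4.1).
TLS_HASH_IDS = {2: "sha1", 4: "sha256", 5: "sha384", 6: "sha512"}
MANDATED = 4           # the "MUST use SHA-256" rule from the message
EXPERIMENTAL = {5, 6}  # assumed set of ids a test client may try out


class PolicyError(ValueError):
    """Entry is well-formed but uses a hash the policy does not allow."""


def encode_entry(hash_id: int, data: bytes) -> bytes:
    """Build a constructed entry: hash id, digest length, digest."""
    digest = hashlib.new(TLS_HASH_IDS[hash_id], data).digest()
    return bytes([hash_id, len(digest)]) + digest


def parse_entry(entry: bytes):
    """Parse the self-identifying format; no policy decision is made here."""
    if len(entry) < 2:
        raise ValueError("truncated entry")
    hash_id, length, digest = entry[0], entry[1], entry[2:]
    if hash_id not in TLS_HASH_IDS:
        raise ValueError(f"unknown hash id {hash_id}")
    expected = hashlib.new(TLS_HASH_IDS[hash_id]).digest_size
    if length != expected or len(digest) != expected:
        raise ValueError("digest length does not match hash id")
    return hash_id, digest


def verify_entry(entry: bytes, data: bytes, experimental: bool = False) -> bool:
    """Check data against the entry. Only SHA-256 passes by default;
    experimental=True also admits the EXPERIMENTAL ids. SHA-1 is parsed
    but never accepted, so a log cannot downgrade a strict client."""
    hash_id, digest = parse_entry(entry)
    allowed = {MANDATED} | (EXPERIMENTAL if experimental else set())
    if hash_id not in allowed:
        raise PolicyError(f"{TLS_HASH_IDS[hash_id]} not permitted by policy")
    actual = hashlib.new(TLS_HASH_IDS[hash_id], data).digest()
    return hmac.compare_digest(actual, digest)
```

Keeping `parse_entry` separate from the policy check means an entry with an unexpected hash is reported as a policy violation rather than a parse failure, which is what lets new ids be trialled without changing the format.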
