#82: add integrity validation to get-entries (and fetching SCTs?) When monitoring a log, get-entries provide no assurance against in-flight corruption. It will get caught once verifying the entries against an STH, but that makes it hard to act upon (can't tell which exactly entry is corrupted, for example).
Also, the question of how to fetch the SCT for a logged entry has been asked a few times. One way to solve both problems at once would be to return the SCT signature in get-entries. The rest of the data for the SCT is already there, and since it's done over all this data and the entry's digest, it should provide a way to check the integrity of the entry. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-trans- [email protected] | [email protected] Type: enhancement | Status: new Priority: major | Milestone: Component: client- | Version: behavior | Keywords: Severity: - | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/trans/trac/ticket/82> trans <http://tools.ietf.org/trans/> _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
