On 9 August 2015 at 08:41, Bryan Ford <[email protected]> wrote:
> I must object to your conclusion that the “technical issues” I brought up
> during the discussion “have been resolved” - at any rate, I consider them
> neither purely “technical issues” nor having “been resolved”, as should be
> eminently clear from my E-mails on the topic.

I agree; not resolved. I'm not sure they will be, but I don't want to mischaracterize things.

> As I stated clearly earlier, I feel that the entire gossip approach is
> fundamentally flawed. It’s not just some technical issues within the draft
> that can be easily fixed, but the whole approach. My concerns are with the
> strategy, not just minor “technical issues”.
>
> And similarly, I do not see how it can be concluded from the E-mail
> discussion that my concerns “have been resolved” (or even addressed).
>
> Any approach will add complexity to the system: a gossip protocol will, and
> a multisignature approach will. Have the advantages, disadvantages, and
> relative complexities of each of these approaches been weighed and
> considered in any way? Or was it somehow just “assumed as a given” since
> before I started participating that gossip was the right approach and no one
> is interested in questioning that now?

I think "assumed as a given that some form of gossip was the path forward" is accurate.

> I’ll grant that no one else on the list seems to be echoing my concerns with
> the gossip approach at the moment - so if you wish to close the call for
> adoption anyway over my objections, please feel free to do so; I assume
> that’s what the “rough” in “rough consensus” is for. But please do not
> mischaracterize my position as merely having raised “some technical issues”
> that “have been resolved.”

I think that even if every log had a 51 of 100 signers threshold scheme, we would still want some form of verification that logs are operating non-maliciously. While the bar for collusion or compromise is higher (at 51 instead of 1), the minimum and average technical operating level for the signers of 3 such multi-signer logs will be much lower than that of 3 single-signer logs.

While each signer can act as an auditor _for the data it sees_, there is no guarantee that a signer might not be presented with a split-view of the log and never be able to catch the other signers acting on the other side of the Merkle tree.

So I still think verification is needed. And that verification would probably look something like gossip....

Whenever I've seen someone propose something to the effect of "And a different organization will be responsible for the uptime of your organization!" it tends not to get traction. So I'm skeptical that a multi-signer approach can be practically deployed. But I would love to be proven wrong.

-tom

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
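
The split-view case raised in the message above, as an added example that is not part of the original thread or of any draft: two observers each pass their own append-only check on the view they are served, and only a comparison of tree heads across observers exposes the fork. The `Observer` class, the `gossip` helper and the sample entries are hypothetical and constructed for illustration; the root computation follows the Merkle Tree Hash of RFC 6962.

```python
import hashlib

def merkle_root(entries):
    """Merkle Tree Hash as defined in RFC 6962, section 2.1."""
    n = len(entries)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return hashlib.sha256(b"\x00" + entries[0]).digest()  # leaf prefix
    k = 1
    while k * 2 < n:  # largest power of two strictly less than n
        k *= 2
    left, right = merkle_root(entries[:k]), merkle_root(entries[k:])
    return hashlib.sha256(b"\x01" + left + right).digest()  # node prefix

class Observer:
    """Hypothetical signer or auditor that validates only the view it is served."""
    def __init__(self, name):
        self.name, self.entries, self.heads = name, [], {}

    def observe(self, entries):
        # Local append-only check: the new view must extend what we saw before.
        if entries[:len(self.entries)] != self.entries:
            return False
        self.entries = list(entries)
        self.heads[len(entries)] = merkle_root(entries)  # tree_size -> root
        return True

def gossip(a, b):
    """Tree sizes for which two observers hold different root hashes."""
    shared = a.heads.keys() & b.heads.keys()
    return sorted(size for size in shared if a.heads[size] != b.heads[size])

def demo():
    # Constructed sample entries; a misbehaving log forks its view at entry 3.
    common = [b"cert-1", b"cert-2"]
    view_a = common + [b"cert-3"]
    view_b = common + [b"cert-3-shown-only-to-b"]
    a, b = Observer("signer-a"), Observer("signer-b")
    local_ok = [a.observe(common), b.observe(common),
                a.observe(view_a), b.observe(view_b)]
    return all(local_ok), gossip(a, b)

if __name__ == "__main__":
    print(demo())
```

Every local check succeeds, yet the two observers hold different roots for tree size 3, which is the inconsistency that exchanging tree heads is meant to surface.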
