Hi everyone, As part of my research into another project, I came across the concept of Private Information Retrieval (PIR). From the Wikipedia page (https://en.wikipedia.org/wiki/Private_Information_Retrieval):
> In cryptography, a private information retrieval (PIR) protocol allows a > user to retrieve an item from a server in possession of a database without > revealing which item is retrieved. This sounds like rather a nice property to have for clients to retrieve proofs from CT logs without needing to actually disclose which site they're retrieving the proof *for*, which, as I understand it, is an unsolved privacy-related problem in CT. It *may* also be possible to use similar concepts to improve privacy in gossip, although I'm far from certain on that point. My questions for those who have been working on the core CT specs are: * Has PIR been investigated previously with regards to addressing any privacy concerns in CT? * If so, in what ways were they considered lacking? * If not, would a proposal to include PIR methods in CT be welcomed? * In what way would a PIR-related proposal best be formulated, at this stage of the standardisation process? As an inclusion in 6962bis, or as a separate proposed RFC? I'm not committing to working with PIR and CT *yet*, but depending on the answers to the above questions and my time availability, that lack of commitment may change. - Matt _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
