On 05/10/15 19:34, Stephen Kent wrote:
Ben,

...

This is true even if you use hashes, surely? For example, an old key
(from a log no longer known to someone) could be reused. Or a key for
a log that was never used publicly. Or the same key could be used for
two logs accepted by different clients. And so on.

I would expect a Monitor to keep track of the public key for each log
operator that it watches, (but that should be stated explicitly).

Yes.

Thus re-use of an old key by that log operator, for a new log instance,
would be detected easily if the log ID were derived from the public key.

That seems like a non sequitur to me.

Since a monitor has a copy of every log's public key, it can compare these public keys to ensure that each one is used by only 1 log.

Or, since it knows each public_key, the monitor could calculate HASH(public_key) all by itself and then check the uniqueness of each.

It makes no difference whether LogID is defined as HASH(public_key), an OID, or something else.

The most common case, if the re-use is accidental,
is probably starting a new log instance but not remembering to change
the key. That would
be obvious/impossible if the ID were derived from the key.

However, I agree that a log re-using a key from some other log would not be
detected by this approach.

Steve


--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
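The monitor-side check discussed in this thread, as an added example that is not code from the list discussion: using constructed sample keys, it flags a public key that appears under more than one log (within one operator or across operators) and, separately, flags logs whose advertised LogID is not HASH(public_key). SHA-256 as the hash is an assumption, following RFC 6962.

```python
import hashlib
from collections import defaultdict

# Constructed sample "public keys" (opaque bytes standing in for DER-encoded keys).
KEY_A = b"constructed-key-A"
KEY_B = b"constructed-key-B"


def log_id_from_key(public_key: bytes) -> bytes:
    """LogID as HASH(public_key); SHA-256 is assumed here (RFC 6962 style)."""
    return hashlib.sha256(public_key).digest()


# Constructed monitor view: (operator, log name, advertised LogID, public key).
LOGS = [
    ("op1", "op1-log-2014", log_id_from_key(KEY_A), KEY_A),
    ("op1", "op1-log-2015", log_id_from_key(KEY_A), KEY_A),  # new instance, old key kept
    ("op2", "op2-log", b"\x00" * 32, KEY_B),                  # LogID not derived from key
    ("op3", "op3-log", log_id_from_key(KEY_B), KEY_B),        # another operator's key
]


def find_key_reuse(logs):
    """Group logs by public key; any key seen under more than one log is reuse.

    This catches both same-operator reuse and cross-operator reuse, because the
    monitor compares the keys themselves rather than relying on the LogID.
    """
    by_key = defaultdict(list)
    for _operator, name, _log_id, key in logs:
        by_key[key].append(name)
    return sorted(tuple(names) for names in by_key.values() if len(names) > 1)


def find_id_mismatch(logs):
    """Logs whose advertised LogID differs from HASH(public_key) computed locally."""
    return sorted(
        name for _operator, name, log_id, key in logs
        if log_id != log_id_from_key(key)
    )


if __name__ == "__main__":
    print("key reuse:", find_key_reuse(LOGS))
    print("LogID mismatch:", find_id_mismatch(LOGS))
```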

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
