#141: expanding audit description
Comment (by [email protected]): The following text is offered to replace Section 9.4. An Auditor interacts with a log to detect misbehavior of the log. When it detects misbehavior, an Auditor notifies Monitors that have arranged for such notification. Because Browser Vendors supply log metadata in their browsers, each is expected to operate an Auditor, or to arrange to receive notifications of log misbehavior from Auditors, or both. An Auditor detects log misbehavior by performing checks on log entries and Signed Tree Heads (STHs). There are four log behavior properties that Auditors check: 1. The Maximum Merge Delay (MMD) 2. The STH Frequency Count 3. The append-only property 4. The consistency of the log view presented to all query sources The first three of these checks are easily performed using existing log interfaces and log metadata, employing algorithms described in Appendices A, B, and C. The last check is more difficult to perform because it requires a way to share log responses among a set of CT elements, perhaps including browsers, web sites, Monitors, and Auditors, e.g., so-called gossiping. A comprehensive specification of Auditor requirements will be provided in a document to be published later. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-trans- [email protected] | [email protected] Type: defect | Status: new Priority: major | Milestone: Component: rfc6962-bis | Version: Severity: - | Resolution: Keywords: | -------------------------+------------------------------------------------- Ticket URL: <https://trac.tools.ietf.org/wg/trans/trac/ticket/141#comment:3> trans <https://tools.ietf.org/trans/> _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
