On 19 October 2016 at 15:31, Kurt Roeckx <[email protected]> wrote: > On Wed, Oct 19, 2016 at 02:33:30PM -0500, Tom Ritter wrote: >> Actions for an auditor to take is a good thing to try and document >> somewhere. We _could_ put it into Gossip, but it seems like a separate >> draft to me. Off the top of my head I think the main things it would >> be checking are: >> - Has the log always issued a STH within the MMD > > I didn't look up what the real definition of the MMD is, but what > I expect is that the time from the SCT being generated until that > STH being visible is important, not the time the STH is generated. > > For instance I only see Digicert's STHs 12 hour later. With Google > it depends on the log, for Pilot and Aviator it averages around 25 > minutes, for Rocketeer around 100 minutes.
Yes, you're right. It's time to get data included (merged) into the tree after a promise (SCT) had been made. I was thinking about it in terms of "Has the log not issued at least one STH in an X-hour period" which is related to MDD, but not the exact same. >> - Can I resolve all inputs (SCTs, STHs) into a single STH via >> inclusion/consistency proofs (to prevent split views) > > Which is why I started to collect all that I can see myself. But > I'm not sure yet if this proposal will let me find all of them, or > at least all that have been send to someone. As an auditor you would want to find all the servers who deploy STH Pollination or SCT Feedback. [0] Once you do that, and start polling from them, you'll be doing the best anyone can. I'm not sure if there's a non-centralized, scalable way to make such a list available to people like yourself. I mean obviously someone could operate a public service and just collect sites that are found via scanning or self-submitted - and I expect this will happen - but it's not the sort of thing we'd put in a draft I don't think. But we're open to suggestions if you have any particular ideas! -tom [0] You could also operate a user-facing 'Trusted Auditor' and feed your own browsing history into it or convince others to do the same. _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
