On Mon, 16 Jan 2017 17:23:27 -0500 Richard Barnes <[email protected]> wrote:
> Clearly in order to be efficient, multiple certs must chain back up > to the same STH; this is also a privacy requirement because otherwise > retrieving a given STH leaks which certificate you are verifying. > For similar privacy reasons, clients need to proactively download and > validate every STH they might encounter, to avoid making queries for > STHs (which leak browsing history). Hi Richard, As you point out, the privacy concern with fetching an STH's consistency proof can be addressed by requiring that multiple certificates "chain back" to any given STH. Why then is it necessary for clients to proactively download and validate every STH? Could clients not fetch consistency proofs on demand the first time they see an STH (and then cache the STH so they don't have to fetch the proof again)? If so, that would eliminate your concern with clients having to download 4MB a month. Regards, Andrew _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
