Several applications depend on Internet-wide consensus to secure an
append-only log, provide tamper-resistant timestamps, and atomically
commit transactions across mutually distrustful parties with no
preexisting relationship. Examples include:
* The IETF trans working group is specifying data structures and
operational mechanisms for providing secure logging and auditing of
TLS server certificates, but lacks a mechanism for determining
consensus among logs (or consensus about whether or not a resource
should be logged). These functions are currently served by an
experimental gossip protocol that can potentially be strengthened
through global consensus.
* The Stellar payment network, is used by remittance companies to trade
currencies and send payments across the Internet.
* UCSD's SPAM (Secure PAckage Manager) project relies on a secure global
log both to enable revocation of previously published vulnerable
software packages and to guarantee that a particular software release
has been publicly available for audit (somewhat like certificate
transparency).
* Stellar has an ongoing secure naming project that aims to allow domain
name owners to assign human-readable names to end-user public keys
without retaining the ability to lie about those public keys
undetected.
We have just created a new IETF mailing mailing list to discuss such
applications, the mechanisms that can meet their consensus needs, and a
potential role of the IETF in devising a stable specification for an
Internet-level consensus mechanism. The home page for the list is here:
https://www.ietf.org/mailman/listinfo/ilc
If there is interest in the topic, we would like to organize a BoF in
Chicago. Please join the discussion on the list if you might be
interested in participating.
David
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
