On Tue, 9 May 2017 09:50:57 -0700 Melinda Shore <[email protected]> wrote:
> We have a disagreement on closing ticket 170 > (https://trac.ietf.org/trac/trans/ticket/170), > on the use of distinct keys for signing SCTs and STHs. I'm not entirely convinced of the security benefit. However, speaking as a monitor/auditor implementer, I do not believe separate keys would add any complexity to implementations - it's just a matter of storing two keys instead of one and using the right one when verifying signatures. Therefore, this proposal seems like a costless addition to the protocol that might help security. I'm assuming logs would still be free to use the same key if they wanted, right? Regards, Andrew _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
