On Fri, May 19, 2017 at 3:55 PM, Matt Palmer <[email protected]> wrote: > If you're already requiring auditors to remember what they've seen before, > why not just get them to remember the STHs they've seen, rather than having > to remember that they've seen an additive sequence of previous STHs and > verified that nothing's magically appeared?
In CT, CAs issue certificates that certify a binding of a name to a public key. From the CT logs' perspective, the CAs are untrusted and so we don't rely on them to provide a log of certificates they've issued. Instead, we have CT logs maintain such logs. Similarly, a CT log issues STHs that certify the state of the log. >From the auditors' perspective, the CT log is untrusted. Thus, the auditors' shouldn't rely on the CT logs to log all their STHs. Instead, the auditors should maintain such logs. In other words, the CT auditors should operate CT logs that operate on "certificates" that are actually STHs. Cheers, Brian -- https://briansmith.org/ _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
