On 25 May 2017 at 06:01, Magnus Ahltorp <[email protected]> wrote: > > I may have misunderstood something, but why would the STH not always be > included with the inclusion proof? What is the reason for all this extra > complexity (UA vendor distributing the STH, inclusion proof not > self-contained)?
The inclusion proof does contain the STH. But we don't trust it. It might represent a split view of the log. There's no way to know without comparing our view of the log with other people's. By having the UA vendor provide it's view of the log (or rather, a specific subset of it in the form of specific STHs), we can confirm that this STH we got is in the known set of STHs the UA vendor got. Our view is the same as theirs. And since theirs is the same sent to every browser client, we can be pretty sure that we and everyone - who uses this browser at least - has the same view of the log and we are not being presented a split view. -tom _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
