On 16 August 2017 at 21:09, Andrew Ayer <[email protected]> wrote:
> On Wed, 16 Aug 2017 11:25:20 -0800
> Melinda Shore <[email protected]> wrote:
>
> > Hi, all:
> >
> > With our major deliverable now pushed out towards IETF
> > last call, it's time to start considering whether or not
> > there's additional work to do, or if we're done. As
> > we've talked about before, we know that there's at least
> > some interest in:
> >
> > . a client behavior document
> > . logging DNSSEC records
> > . logging binaries
>
> I've also seen interest expressed on the mailing list for:
>
> * A monitor API

Since we now know how to build verifiable monitors, perhaps that is part of an API?

> * A strict version of CT

What do you mean by this?

>
> > Plus, I'm somewhat concerned about lack of gossip implementation
> > and deployment, and it's worth considering whether that's because
> > of lack of interest or because people running logs don't think
> > that what's in the gossip spec is suitable for their needs.
>
> Note that logs don't participate in gossip, so your question is one
> for TLS clients and monitors/auditors.
>
> The biggest problem is that the gossip spec only works with CTv2,
> and there are no CTv2 logs in existence, let alone implementations.
>
> Nevertheless, there's a fairly obvious and minor modification to make
> STH pollination work with CTv1, and I know of 7 different
> monitor/auditor implementations which are using this variation of the
> spec to exchange STHs from publicly-trusted CTv1 logs.
>
> That said, I know of no implementations of SCT feedback, nor of any plans
> by TLS clients to implement any part of gossip.

IMO "gossipless gossip", i.e. cross-logging of STHs is the way to go.

>
> Regards,
> Andrew
>
> _______________________________________________
> Trans mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/trans
