| < draft-ietf-trans-gossip-03.txt | draft-ietf-trans-gossip-04.txt > | |||
|---|---|---|---|---|
| TRANS L. Nordberg | TRANS L. Nordberg | |||
| Internet-Draft NORDUnet | Internet-Draft NORDUnet | |||
| Intended status: Experimental D. Gillmor | Intended status: Experimental D. Gillmor | |||
| Expires: January 9, 2017 ACLU | Expires: July 14, 2017 ACLU | |||
| T. Ritter | T. Ritter | |||
| July 08, 2016 | January 10, 2017 | |||
| Gossiping in CT | Gossiping in CT | |||
| draft-ietf-trans-gossip-03 | draft-ietf-trans-gossip-04 | |||
| Abstract | Abstract | |||
| The logs in Certificate Transparency are untrusted in the sense that | The logs in Certificate Transparency are untrusted in the sense that | |||
| the users of the system don't have to trust that they behave | the users of the system don't have to trust that they behave | |||
| correctly since the behavior of a log can be verified to be correct. | correctly since the behavior of a log can be verified to be correct. | |||
| This document tries to solve the problem with logs presenting a | This document tries to solve the problem with logs presenting a | |||
| "split view" of their operations. It describes three gossiping | "split view" of their operations. It describes three gossiping | |||
| mechanisms for Certificate Transparency: SCT Feedback, STH | mechanisms for Certificate Transparency: SCT Feedback, STH | |||
| skipping to change at page 1, line 40 ¶ | skipping to change at page 1, line 40 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on January 9, 2017. | This Internet-Draft will expire on July 14, 2017. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2016 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| skipping to change at page 3, line 23 ¶ | skipping to change at page 3, line 23 ¶ | |||
| 11.2. Proof Fetching Recommendations . . . . . . . . . . . . . 32 | 11.2. Proof Fetching Recommendations . . . . . . . . . . . . . 32 | |||
| 11.3. Record Distribution Recommendations . . . . . . . . . . 33 | 11.3. Record Distribution Recommendations . . . . . . . . . . 33 | |||
| 11.3.1. Mixing Algorithm . . . . . . . . . . . . . . . . . . 34 | 11.3.1. Mixing Algorithm . . . . . . . . . . . . . . . . . . 34 | |||
| 11.3.2. The Deletion Algorithm . . . . . . . . . . . . . . . 35 | 11.3.2. The Deletion Algorithm . . . . . . . . . . . . . . . 35 | |||
| 11.4. Concrete Recommendations . . . . . . . . . . . . . . . . 36 | 11.4. Concrete Recommendations . . . . . . . . . . . . . . . . 36 | |||
| 11.4.1. STH Pollination . . . . . . . . . . . . . . . . . . 36 | 11.4.1. STH Pollination . . . . . . . . . . . . . . . . . . 36 | |||
| 11.4.2. SCT Feedback . . . . . . . . . . . . . . . . . . . . 39 | 11.4.2. SCT Feedback . . . . . . . . . . . . . . . . . . . . 39 | |||
| 12. IANA considerations . . . . . . . . . . . . . . . . . . . . . 53 | 12. IANA considerations . . . . . . . . . . . . . . . . . . . . . 53 | |||
| 13. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 53 | 13. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 53 | |||
| 14. ChangeLog . . . . . . . . . . . . . . . . . . . . . . . . . . 53 | 14. ChangeLog . . . . . . . . . . . . . . . . . . . . . . . . . . 53 | |||
| 14.1. Changes between ietf-02 and ietf-03 . . . . . . . . . . 53 | 14.1. Changes between ietf-03 and ietf-04 . . . . . . . . . . 53 | |||
| 14.2. Changes between ietf-01 and ietf-02 . . . . . . . . . . 54 | 14.2. Changes between ietf-02 and ietf-03 . . . . . . . . . . 54 | |||
| 14.3. Changes between ietf-00 and ietf-01 . . . . . . . . . . 54 | 14.3. Changes between ietf-01 and ietf-02 . . . . . . . . . . 54 | |||
| 14.4. Changes between -01 and -02 . . . . . . . . . . . . . . 54 | 14.4. Changes between ietf-00 and ietf-01 . . . . . . . . . . 54 | |||
| 14.5. Changes between -00 and -01 . . . . . . . . . . . . . . 55 | 14.5. Changes between -01 and -02 . . . . . . . . . . . . . . 55 | |||
| 14.6. Changes between -00 and -01 . . . . . . . . . . . . . . 55 | ||||
| 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 55 | 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 55 | |||
| 15.1. Normative References . . . . . . . . . . . . . . . . . . 55 | 15.1. Normative References . . . . . . . . . . . . . . . . . . 55 | |||
| 15.2. Informative References . . . . . . . . . . . . . . . . . 55 | 15.2. Informative References . . . . . . . . . . . . . . . . . 56 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 56 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 56 | |||
| 1. Introduction | 1. Introduction | |||
| The purpose of the protocols in this document, collectively referred | The purpose of the protocols in this document, collectively referred | |||
| to as CT Gossip, is to detect certain misbehavior by CT logs. In | to as CT Gossip, is to detect certain misbehavior by CT logs. In | |||
| particular, CT Gossip aims to detect logs that are providing | particular, CT Gossip aims to detect logs that are providing | |||
| inconsistent views to different log clients, and logs failing to | inconsistent views to different log clients, and logs failing to | |||
| include submitted certificates within the time period stipulated by | include submitted certificates within the time period stipulated by | |||
| MMD. | MMD. | |||
| skipping to change at page 53, line 43 ¶ | skipping to change at page 53, line 43 ¶ | |||
| [ TBD ] | [ TBD ] | |||
| 13. Contributors | 13. Contributors | |||
| The authors would like to thank the following contributors for | The authors would like to thank the following contributors for | |||
| valuable suggestions: Al Cutter, Ben Laurie, Benjamin Kaduk, Josef | valuable suggestions: Al Cutter, Ben Laurie, Benjamin Kaduk, Josef | |||
| Gustafsson, Karen Seo, Magnus Ahltorp, Steven Kent, Yan Zhu. | Gustafsson, Karen Seo, Magnus Ahltorp, Steven Kent, Yan Zhu. | |||
| 14. ChangeLog | 14. ChangeLog | |||
| 14.1. Changes between ietf-02 and ietf-03 | 14.1. Changes between ietf-03 and ietf-04 | |||
| o No changes. | ||||
| 14.2. Changes between ietf-02 and ietf-03 | ||||
| o TBD's resolved. | o TBD's resolved. | |||
| o References added. | o References added. | |||
| o Pseduocode changed to work for both clients and servers. | o Pseduocode changed to work for both clients and servers. | |||
| 14.2. Changes between ietf-01 and ietf-02 | 14.3. Changes between ietf-01 and ietf-02 | |||
| o Requiring full certificate chain in SCT Feedback. | o Requiring full certificate chain in SCT Feedback. | |||
| o Clarifications on what clients store for and send in SCT Feedback | o Clarifications on what clients store for and send in SCT Feedback | |||
| added. | added. | |||
| o SCT Feedback server operation updated to protect against DoS | o SCT Feedback server operation updated to protect against DoS | |||
| attacks on servers. | attacks on servers. | |||
| o Pre-Loaded vs Locally Added Anchors explained. | o Pre-Loaded vs Locally Added Anchors explained. | |||
| o Base for well-known URL's changed. | o Base for well-known URL's changed. | |||
| o Remove all mentions of monitors - gossip deals with auditors. | o Remove all mentions of monitors - gossip deals with auditors. | |||
| o New sections added: Trusted Auditor protocol, attacks by actively | o New sections added: Trusted Auditor protocol, attacks by actively | |||
| malicious log, the Dual-CA compromise attack, policy | malicious log, the Dual-CA compromise attack, policy | |||
| recommendations, | recommendations, | |||
| 14.3. Changes between ietf-00 and ietf-01 | 14.4. Changes between ietf-00 and ietf-01 | |||
| o Improve language and readability based on feedback from Stephen | o Improve language and readability based on feedback from Stephen | |||
| Kent. | Kent. | |||
| o STH Pollination Proof Fetching defined and indicated as optional. | o STH Pollination Proof Fetching defined and indicated as optional. | |||
| o 3-Method Ecosystem section added. | o 3-Method Ecosystem section added. | |||
| o Cases with Logs ceasing operation handled. | o Cases with Logs ceasing operation handled. | |||
| o Text on tracking via STH Interaction added. | o Text on tracking via STH Interaction added. | |||
| o Section with some early recommendations for mixing added. | o Section with some early recommendations for mixing added. | |||
| o Section detailing blocking connections, frustrating it, and the | o Section detailing blocking connections, frustrating it, and the | |||
| implications added. | implications added. | |||
| 14.4. Changes between -01 and -02 | 14.5. Changes between -01 and -02 | |||
| o STH Pollination defined. | o STH Pollination defined. | |||
| o Trusted Auditor Relationship defined. | o Trusted Auditor Relationship defined. | |||
| o Overview section rewritten. | o Overview section rewritten. | |||
| o Data flow picture added. | o Data flow picture added. | |||
| o Section on privacy considerations expanded. | o Section on privacy considerations expanded. | |||
| 14.5. Changes between -00 and -01 | 14.6. Changes between -00 and -01 | |||
| o Add the SCT feedback mechanism: Clients send SCTs to originating | o Add the SCT feedback mechanism: Clients send SCTs to originating | |||
| web server which shares them with auditors. | web server which shares them with auditors. | |||
| o Stop assuming that clients see STHs. | o Stop assuming that clients see STHs. | |||
| o Don't use HTTP headers but instead .well-known URL's - avoid that | o Don't use HTTP headers but instead .well-known URL's - avoid that | |||
| battle. | battle. | |||
| o Stop referring to trans-gossip and trans-gossip-transport-https - | o Stop referring to trans-gossip and trans-gossip-transport-https - | |||
| End of changes. 12 change blocks. | ||||
| 16 lines changed or deleted | 21 lines changed or added | |||
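
Review bot: In the last change block, the "[ TBD ]" placeholder just before "13. Contributors" is unchanged in -04, while the 14.2 entry (ietf-02 to ietf-03) says "TBD's resolved."; either fill in that section or qualify the changelog entry. The new 14.1 entry reads only "No changes.", and the other visible edits are the dates, the copyright year and the changelog renumbering, so it would be clearer to state that -04 is a refresh with no technical changes. "Pseduocode" in 14.2 and the dangling "recommendations," that ends the last item under the ietf-01 to ietf-02 changes are carried over from -03 and could be corrected in the same pass.
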
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||