On 3 October 2014 17:49, Tao Effect <[email protected]> wrote: > Thanks Ben, > > On Oct 3, 2014, at 2:13 AM, Ben Laurie <[email protected]> wrote: > > The difference is that with CT the user whose key changes necessarily >> becomes aware that it has changed. In "the simple thing?" only the >> targeted user of the key is aware of this change. >> >> >> How is the owner of the key informed about the key change? >> > > Software holding the key monitors the log(s) for key changes. > > > What software would that be (Apache? GPG?)? >
I can't answer that - it depends what system we're talking about, and AFAICS we're not yet talking about a specific system, just an idea - but the idea is that whatever software holds keys for users also monitors logs on their behalf. > > And is it log, log(s), or logs? > Again, without a specific system design, its not possible to say. In the proposal for end-to-end key management, I believe the current idea is one log per domain. So, the s/w would be monitoring a single log in that case. But, its still on the drawing board.
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
