On 3 October 2014 18:30, Daniel Kahn Gillmor <[email protected]> wrote:
> On 10/03/2014 01:21 PM, Ben Laurie wrote: > > On 3 October 2014 17:49, Tao Effect <[email protected]> wrote: > >> On Oct 3, 2014, at 2:13 AM, Ben Laurie <[email protected]> wrote: > >> Software holding the key monitors the log(s) for key changes. > >> > >> What software would that be (Apache? GPG?)? > > > > I can't answer that - it depends what system we're talking about, and > > AFAICS we're not yet talking about a specific system, just an idea - but > > the idea is that whatever software holds keys for users also monitors > logs > > on their behalf. > > When i hear "holds keys", i usually think of holding the secret key > material. But when i think of the monitor, i see no reason why a > monitor needs access to the secret key material. > > The monitor would want to know the public key material i want associated > with a particular identity (so it doesn't alert me falsely about my own > key), but that's it. > This is true, but I think you're just talking about a separation of roles here (in the CT docs, a monitor may be an independent thing, or it may be something some other component does as a part of its job). The important thing is, I think, that the monitor needs to be: a) Trusted by the user, b) Have knowledge of which keys are supposed to be linked with their identity. > For example, I could set up my home server (which doesn't have access to > my secret key material for messaging purposes) to monitor for anyone > claiming that my messaging identity is bound to a different key. > > These clarifications are probably obvious, but i think it's worth making > them explicit. > I agree. Thanks.
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
