On 10/03/2014 02:35 PM, Joseph Bonneau wrote:
> CT-style (I think we should call it CT-style to avoid confusion with
> Certificate Transparency proper for TLS certificates)

I strongly prefer "auditable endorsements" since there are many proposals for auditable endorsement systems, only one of which uses a CT-style append-only log (for example, nyms, nicknym, DANE, DIME, hallam-baker's PPE, dkg/tom's UEE).

The term CT-style seems like it should be reserved for the class of proposals that include some kind of append-only log used in a manner similar to CT. We may see multiple CT-style proposals in the future (one log per provider, one log per third party endorser, etc).

> A seemingly-obvious point I haven't seen yet: it's perfectly natural to
> have both systems in place. Nothing prevents layering The Simple Thing
> on top of a CT-style log. Paranoid Alice can certainly check out of band
> if she looks up a new key for Bob in the log and it's different from
> what she's used previously. Paranoid Bob can set up monitoring. Now you
> get detection if either sender or receiver is paranoid.

I can't fault you for not closely reading every email on this list, but I did happen to write the following in the very message you are replying to :)

On 10/03/2014 11:43 AM, elijah wrote:
> Also, receivers auditing their published keys does not preclude senders
> from doing manual fingerprint verification. In fact, I think the two
> models can work really well together, which is one of the key ideas in
> https://pad.riseup.net/p/key-validation

-elijah

_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
