[messaging] The Simple Thing
Ben Laurie
ben at links.org
Fri Oct 3 10:38:47 PDT 2014
On 3 October 2014 18:30, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On 10/03/2014 01:21 PM, Ben Laurie wrote:
> > On 3 October 2014 17:49, Tao Effect <contact at taoeffect.com> wrote:
> >> On Oct 3, 2014, at 2:13 AM, Ben Laurie <ben at links.org> wrote:
> >> Software holding the key monitors the log(s) for key changes.
> >>
> >> What software would that be (Apache? GPG?)?
> >
> > I can't answer that - it depends what system we're talking about, and
> > AFAICS we're not yet talking about a specific system, just an idea - but
> > the idea is that whatever software holds keys for users also monitors
> logs
> > on their behalf.
>
> When i hear "holds keys", i usually think of holding the secret key
> material. But when i think of the monitor, i see no reason why a
> monitor needs access to the secret key material.
>
> The monitor would want to know the public key material i want associated
> with a particular identity (so it doesn't alert me falsely about my own
> key), but that's it.
>
This is true, but I think you're just talking about a separation of roles
here (in the CT docs, a monitor may be an independent thing, or it may be
something some other component does as a part of its job). The important
thing is, I think, that the monitor needs to be:
a) Trusted by the user,
b) Have knowledge of which keys are supposed to be linked with their
identity.
> For example, I could set up my home server (which doesn't have access to
> my secret key material for messaging purposes) to monitor for anyone
> claiming that my messaging identity is bound to a different key.
>
> These clarifications are probably obvious, but i think it's worth making
> them explicit.
>
I agree. Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141003/d8f38339/attachment.html>
More information about the Messaging
mailing list