[messaging] Google End-to-End plans on using key directories with a CT-like verification protocol

Ben Laurie ben at links.org
Fri Aug 29 08:08:02 PDT 2014

On 27 August 2014 22:32, yan <yan at mit.edu> wrote:
> On 08/27/2014 12:32 PM, Tony Arcieri wrote:
>> They plan on having email providers run "Key Directories" and using
>> encrypted messages to gossip data about the directories, providing a
>> CT-like system:
>> https://code.google.com/p/end-to-end/wiki/KeyDistribution
> There's a discussion going on in the comment section of the wiki page too.
> Since the Key Directories are (at least initially) run by the Identity
> Providers (Google, Yahoo, etc.), it doesn't seem very useful to gossip
> the Signed Tree Head inside channels controlled by the identity provider
> (gmail, yahoo mail, gchat, etc.). I'm curious if others have thoughts on
> how this could work using other channels.

Ultimately, it would be nice if all verifiable logs used each other's
gossip channels. For CT we are planning to at least gossip in TLS

Another obvious gossip channel is XMPP.

There's talk of using a verifiable log for the Tor Consensus. So I
guess there will be a Tor gossip channel.

And so on.

The interesting question is how all these mechanisms might coordinate.
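
An added illustration of the point raised in the quoted message (not part of the original thread and not code from End-to-End or CT): Signed Tree Heads gossiped only over provider-controlled channels cannot expose a split view, while one observation from an independent channel can. The directory entries, channel labels, and function names are constructed for the example; STH signatures are assumed to be verified already, and only heads of equal tree size are compared (different sizes would need a consistency proof).

```python
import hashlib

def merkle_root(entries):
    """Merkle Tree Hash as defined in RFC 6962, section 2.1."""
    n = len(entries)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return hashlib.sha256(b"\x00" + entries[0]).digest()  # leaf prefix
    k = 1
    while k * 2 < n:  # largest power of two strictly below n
        k *= 2
    left, right = merkle_root(entries[:k]), merkle_root(entries[k:])
    return hashlib.sha256(b"\x01" + left + right).digest()  # node prefix

def find_equivocations(observations):
    """observations: iterable of (channel, tree_size, root_hash).

    Returns (tree_size, first_channel, second_channel) for every pair of
    observations that report different roots for the same tree size, which
    is proof that the log showed different views to different parties.
    """
    seen = {}       # tree_size -> list of (channel, root_hash)
    conflicts = []
    for channel, size, root in observations:
        for other_channel, other_root in seen.get(size, []):
            if other_root != root:
                conflicts.append((size, other_channel, channel))
        seen.setdefault(size, []).append((channel, root))
    return conflicts

# Constructed sample directories: the forked view swaps one user's key.
HONEST = [b"alice@example.org:keyA", b"bob@example.org:keyB",
          b"carol@example.org:keyC"]
FORKED = [HONEST[0], b"bob@example.org:keyX", HONEST[2]]

def demo():
    honest, forked = merkle_root(HONEST), merkle_root(FORKED)
    # A provider that controls every gossip channel can keep the victim's
    # view self-consistent, so nothing is detected.
    provider_only = [("provider-mail", 3, forked), ("provider-chat", 3, forked)]
    # Heads arriving over channels the provider does not control expose it.
    mixed = provider_only[:1] + [("xmpp", 3, honest), ("tls", 3, honest)]
    return find_equivocations(provider_only), find_equivocations(mixed)

if __name__ == "__main__":
    print(demo())
```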

