trans name redaction rfc6962 bis
play

trans: Name Redaction & RFC6962-bis Eran Messeri, Google, - PowerPoint PPT Presentation

Dec 31, 2022 •168 likes •248 views

trans: Name Redaction & RFC6962-bis Eran Messeri, Google, eranm@google.com Definition: Name Redaction The ability to avoid publishing domain names, in whole or partially, in Certificate Transparency logs. Name redaction: Missing goals

  1. trans: Name Redaction & RFC6962-bis Eran Messeri, Google, eranm@google.com

  2. Definition: Name Redaction The ability to avoid publishing domain names, in whole or partially, in Certificate Transparency logs.

  3. Name redaction: Missing goals ● We started with vague requirements, e.g. top.secret.example.com. ● First technical solution was to allow irreversible redaction of labels. ○ ?.?.example.com ● Second solution was hashing of the redacted labels: ○ HASH(top).HASH(secret).example.com ○ HASH(salt || top).HASH(salt || secret).example.com, salt in precertificate. ○ HASH(salt || top).HASH(salt || secret).example.com, salt in final cert. ● No agreement re what is implementable, CAs and Browsers both unhappy. ● Would like to ask the community for scenarios that require redaction. ○ Come talk to us over lunch? ○ We’ll channel the feedback to the mailing list.

  4. 6962-bis open issue ● Relaxing Section 5.1 discussion (what should logs accept): Proposed compromise : change MUST -> SHOULD. ● Privacy concerns of personal certificates and legal requirements Goal: Is there consensus for solving this problem under the trans WG? (not block bis) ● Historic STHs fetching for 6962bis: Position : Looking for support from the WG to put it in a monitoring API ○ Replies from this API can’t be trusted (have to monitor logs anyway). ○ There’s other, monitoring-related API that we could move there.

  5. Privacy concerns What to do when: ● “Private” certificates appear in logs. ● Logs are required to remove data. Goal: ● Get consensus to solve this under trans WG ● Build a solution on top of 6962-bis. ● … but do not block 6962-bis

  6. 6962-bis reference implementation(s) https://github.com/eranmes/certificate-transparency/tree/py_6962_bis ● Very raw (not merged upstream yet) ● Only supports add-chain, get-sth (does not validate chain). ○ But returns valid TransItems ● Already caught some spec issues ● Plans: ○ Implement get-sth-consistency, get-proof-by-hash ○ Implement CMS decoding for precerts

  7. Other Work ● Emily Stark is working on an Expect-CT draft at httpbis (Thursday).

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The UNC Law Librarys Redaction of its Digitized NC Supreme Court Briefs: A Case Study Nicole

The UNC Law Librarys Redaction of its Digitized NC Supreme Court Briefs: A Case Study Nicole

The UNC Law Librarys Redaction of its Digitized NC Supreme Court Briefs: A Case Study Nicole Downing May 8, 2014 ndowning@email.unc.edu Agenda The Digitization Project Redaction The Legal Considerations The Ethical

124 views • 9 slides
RFC6962-bis update Some tweaking still needed. Last call should wait for our

RFC6962-bis update Some tweaking still needed. Last call should wait for our

RFC6962-bis update Some tweaking still needed. Last call should wait for our implementation. A member of the Certificate Transparency team at Google is working on it. We think all major issues resolved.

258 views • 10 slides
Redaction Consultation Process Assessment of justification for proposed redactions of commercially

Redaction Consultation Process Assessment of justification for proposed redactions of commercially

Redaction Consultation Process Assessment of justification for proposed redactions of commercially confidential information Stakeholder webinar 24 June 2015, London Presented by Anne-Sophie Henry-Eude An agency of the European Union Head of

278 views • 8 slides
Project Plan Machine Learning Document Classification and Redaction The Capstone Experience Team

Project Plan Machine Learning Document Classification and Redaction The Capstone Experience Team

Project Plan Machine Learning Document Classification and Redaction The Capstone Experience Team Technology Services Group Lazaro Cruz Genya Dobrev Will Giger Jacob Harris Xiaokuan Zhang Department of Computer Science and Engineering

340 views • 12 slides
Building The Trans-ASEAN Gas Pipeline (TAGP) project envisages the creation of a trans-national

Building The Trans-ASEAN Gas Pipeline (TAGP) project envisages the creation of a trans-national

Asia Pacific Review Trans-Asian pipe Building The Trans-ASEAN Gas Pipeline (TAGP) project envisages the creation of a trans-national pipeline network linking ASEANs major gas production and utilisation centres. Once realised the TAGP will

490 views • 5 slides
Cross-Coupling Reactions of Organoboranes: p g g An Easy Way for Carbon-Carbon Bonding y y g

Cross-Coupling Reactions of Organoboranes: p g g An Easy Way for Carbon-Carbon Bonding y y g

N-1 Nobel Lecture, December 8, 2010 Cross-Coupling Reactions of Organoboranes: p g g An Easy Way for Carbon-Carbon Bonding y y g Akira Suzuki S N-2 Conjugated Alkadienes R' R' R' R R R R R' R R trans trans trans-trans trans

727 views • 25 slides
Inclusive Growth: Creating Space for Trans Players Craig Kulyk (Marketing Manager) Tro Weston

Inclusive Growth: Creating Space for Trans Players Craig Kulyk (Marketing Manager) Tro Weston

Inclusive Growth: Creating Space for Trans Players Craig Kulyk (Marketing Manager) Tro Weston (League Manager) Jenna Weiner Why it's important Made fun of for being Trans 27% 73% Ref: Trans Pulse Survey (2006-2013) Heard Trans People

553 views • 38 slides
IEEE Abbreviations for Transactions, Journals, Letters Biomed En g/ IFEE Trans. Auton. Mental

IEEE Abbreviations for Transactions, Journals, Letters Biomed En g/ IFEE Trans. Auton. Mental

IEEE Abbreviations for Transactions, Journals, Letters Biomed En g/ IFEE Trans. Auton. Mental Develop. IFEE Rev. Biomed En g/ IFEE Trans. IFEE Trans. (fsom July Bio-Med En g/ * IFEE Trans. Bio-Med Electson.* IFEE Trans. Med Electron.*

221 views • 5 slides
Trans-Tasman Resources 2014 The Company (1) Trans-Tasman Resources Limited (TTR) was

Trans-Tasman Resources 2014 The Company (1) Trans-Tasman Resources Limited (TTR) was

Trans-Tasman Resources 2014 The Company (1) Trans-Tasman Resources Limited (TTR) was established in September 2007 to: explore, assess, and develop the rich iron ore deposits (iron sands) off the North Islands West Coast.

514 views • 20 slides
The Transgender Bechdel Test Assessing Trans Representation in Film and Television Zo Violet

The Transgender Bechdel Test Assessing Trans Representation in Film and Television Zo Violet

The Transgender Bechdel Test Assessing Trans Representation in Film and Television Zo Violet LeBeau Writing Studies Advisor: Dr. Alison Cardinal Why Is Trans Representation Important? Trans people are everywhere Heavily Marginalized

88 views • 7 slides
Civil engineering in the safety of the Trans-Manche Link Trans-Manche Link Dr Donald Lamont C.

Civil engineering in the safety of the Trans-Manche Link Trans-Manche Link Dr Donald Lamont C.

MASTERE SPECIALISE TUNNELS et OUVRAGES SOUTERRAINS De la conception lexploitation Documents pdagogiques internes au Mastre TOS Civil engineering in the safety of the Trans-Manche Link Trans-Manche Link Dr Donald Lamont C. Eng.

1.04k views • 99 slides
Please note that the black box above is not a redaction. This part of the slide is blank.

Please note that the black box above is not a redaction. This part of the slide is blank.

Please note that the black box above is not a redaction. This part of the slide is blank.

633 views • 45 slides
Trans- -Modal Modal Interface Interface Trans Migration Migration Renata Bandelloni, Silvia

Trans- -Modal Modal Interface Interface Trans Migration Migration Renata Bandelloni, Silvia

Trans- -Modal Modal Interface Interface Trans Migration Migration Renata Bandelloni, Silvia Berti, Fabio Patern HIIS Laboratory ISTI-CNR Pisa, Italy Mobile HCI 2004 13 - 16 September 2004 University of Strathclyde, Glasgow, Scotland

156 views • 14 slides
Trans Tasman Business Circle Melbourne, 19 October 2010 Address to the Trans Tasman Business

Trans Tasman Business Circle Melbourne, 19 October 2010 Address to the Trans Tasman Business

Trans Tasman Business Circle Melbourne, 19 October 2010 Address to the Trans Tasman Business Circle Mike Smith Speaking Notes Good afternoon and thank you for the warm welcome. About 10 days ago, I attended the annual meeting of the IIF in

396 views • 10 slides
CURRENT ACTIVITIES OF THE TRANS-NIH ME/CFS WORKING GROUP Chronic Fatigue Syndrome Advisory

CURRENT ACTIVITIES OF THE TRANS-NIH ME/CFS WORKING GROUP Chronic Fatigue Syndrome Advisory

CURRENT ACTIVITIES OF THE TRANS-NIH ME/CFS WORKING GROUP Chronic Fatigue Syndrome Advisory Committee (CFSAC) Vicky Whittemore, PhD Program Director NINDS, NIH Trans-NIH ME/CFS Working Group TRANS-NIH ME/CFS WORKING GROUP Mike Humble, Ph.D.

134 views • 10 slides
Northern Trans Pennine: Background and Wider Context Moving Britain Ahead 25 February 16

Northern Trans Pennine: Background and Wider Context Moving Britain Ahead 25 February 16

Northern Trans Pennine: Background and Wider Context Moving Britain Ahead 25 February 16 Northern Trans Pennine Stakeholder Reference Group: 25 January 2016 1 Background Three Studies announced in the first Road Investment Strategy: Trans

785 views • 59 slides
Moving to client-side hashing for online authentication Enka Blanchard 1 Xavier Coquand 2 Ted

Moving to client-side hashing for online authentication Enka Blanchard 1 Xavier Coquand 2 Ted

Moving to client-side hashing for online authentication Enka Blanchard 1 Xavier Coquand 2 Ted Selker 3 Digitrust, Loria, Universit e de Lorraine, www.koliaza.com Bsecure, Paris University of Maryland, Baltimore County 9th International

1.02k views • 18 slides
DEXCALIBUR AUTOMATE YOUR ANDROID APP REVERSE Or hooking for dummies

DEXCALIBUR AUTOMATE YOUR ANDROID APP REVERSE Or hooking for dummies

DEXCALIBUR AUTOMATE YOUR ANDROID APP REVERSE Or hooking for dummies https://github.com/FrenchYeti/dexcalibur.git WHO AM I ? GEORGES-B. MICHEL @FrenchYeti yeti@0xff.ninja Aka @FrenchYeti Software Security Evaluator at Thales Day

925 views • 77 slides
Heaven Applauds You 5 Now when Jesus saw the crowds, he went up on a mountainside and sat down.

Heaven Applauds You 5 Now when Jesus saw the crowds, he went up on a mountainside and sat down.

Heaven Applauds You 5 Now when Jesus saw the crowds, he went up on a mountainside and sat down. His disciples came to him, 2 and he began to teach them. He said: 3 Blessed are the poor in spirit, for theirs is the kingdom of heaven. 4

842 views • 12 slides
Introduction Ch 1 Object Oriented Main focus is on objects/variables and how they interact

Introduction Ch 1 Object Oriented Main focus is on objects/variables and how they interact

Introduction Ch 1 Object Oriented Main focus is on objects/variables and how they interact (represented by me as boxes) Reusable groups of actions (verbs) between objects are called functions (squiggly boxes) These actions can take additional

611 views • 34 slides
CS6 Practical System Skills Fall 2019 edition Leonhard Spiegelberg lspiegel@cs.brown.edu

CS6 Practical System Skills Fall 2019 edition Leonhard Spiegelberg lspiegel@cs.brown.edu

CS6 Practical System Skills Fall 2019 edition Leonhard Spiegelberg lspiegel@cs.brown.edu Midterm results & Logistics Midterm I average: 78.8% Midterm II average: 83% Final project presentations on 15th Dec @ CIT 3pm - 5pm

640 views • 33 slides
An Introduction to by Erik Johnson What is Salt? Remote Execution Run commands or

An Introduction to by Erik Johnson What is Salt? Remote Execution Run commands or

An Introduction to by Erik Johnson What is Salt? Remote Execution Run commands or functions on many hosts at once Receive results asynchronously as each host returns data to the master Uses the ZeroMQ messaging library

929 views • 34 slides
Making Password Checking Systems Be7er Tom Ristenpart Covering

Making Password Checking Systems Be7er Tom Ristenpart Covering

Making Password Checking Systems Be7er Tom Ristenpart Covering joint work with: Anish Athayle, Devda<a Akawhe, Joseph Bonneau, Rahul Cha<erjee, Adam

414 views • 30 slides
Modeling and Solving the Mixing of Liquids Bernd Schr oder logo1 Bernd Schr oder

Modeling and Solving the Mixing of Liquids Bernd Schr oder logo1 Bernd Schr oder

Overview An Example Double Check Units Reprised Modeling and Solving the Mixing of Liquids Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech University, College of Engineering and Science Modeling and Solving the Mixing of Liquids

975 views • 68 slides

More recommend