aboutsummaryrefslogtreecommitdiff
path: root/doc/design.md
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus@mullvad.net>2022-01-31 17:22:45 +0100
committerRasmus Dahlberg <rasmus@mullvad.net>2022-01-31 17:22:45 +0100
commit0d0edb3421232ac32f6f426089b46244cc838545 (patch)
tree1dcc66f102a264f006c091f91e5145fa62325695 /doc/design.md
parent9f49af2ad70764510bb34322157209f56095260f (diff)
documented the decided add-leaf endpoint proposal
Refer to doc/proposals/2022-01-add-leaf-endpoint for details.
Diffstat (limited to 'doc/design.md')
-rw-r--r--doc/design.md11
1 files changed, 6 insertions, 5 deletions
diff --git a/doc/design.md b/doc/design.md
index 85e0ea3..1173501 100644
--- a/doc/design.md
+++ b/doc/design.md
@@ -234,11 +234,12 @@ verification key is present in DNS and uses it to check that the signature is
valid, then hashes it to construct the Merkle tree leaf as described in
Section 3.1.
-When a submitted logging request is accepted, the log _tries_ to incorporate the
-submitted leaf into its Merkle tree. There are however no _promises of public
-logging_ as in Certificate Transparency. Therefore, sigsum logs do not provide
-low latency---the signer has to wait for an inclusion proof and a cosigned tree
-head.
+A sigsum log will
+ [try](https://git.sigsum.org/sigsum/tree/doc/proposals/2022-01-add-leaf-endpoint)
+to merge the submitted request, but without making any _promise of public
+logging_ as in Certificate Transparency with so-called SCTs. Therefore, sigsum
+logs cannot guarantee low latency. The signer needs to wait until the log
+accepted their request, after which it can be verified using an inclusion proof.
#### 3.2.3 - Wait for witness cosigning
Sigsum logs periodically freeze the most current tree head, typically every five