author Rasmus Dahlberg <rasmus.dahlberg@kau.se> 2021-10-07 15:15:28 +0200
committer Rasmus Dahlberg <rasmus.dahlberg@kau.se> 2021-10-07 15:15:28 +0200
commit bd47c47dfd26706b5846b53addd4ea8066f03c44 (patch)
tree f91a182348f5610bd929fac17769c58b65204b84 /doc/design.md
parent acc5c838aa05ccfcd7bc7fd96a1342e803ebd88a (diff)
refactored abstract to better describe sigsum logging
Diffstat (limited to 'doc/design.md')
-rw-r--r-- doc/design.md 13
1 files changed, 8 insertions, 5 deletions
diff --git a/doc/design.md b/doc/design.md
index fca64ea..66e953e 100644
--- a/doc/design.md
+++ b/doc/design.md
@@ -1,9 +1,12 @@
# Sigsum Logging Design v0
-We propose sigsum logging. It is similar to Certificate Transparency, except
-that cryptographically **sig**ned check**sum**s are logged instead of TLS
-certificates. Publicly logging signed checksums allow anyone to discover which
-keys produced what checksum signatures. For example, malicious and unintended
-key-usage can be _detected_. This document motivates and presents our design.
+We propose sigsum logging. It is similar to Certificate Transparency and Go's
+checksum database, except that cryptographically **sig**ned check**sum**s are
+logged in order to make signature operations transparent. For example,
+malicious and unintended key-usage can be detected using a sigsum log. This is
+a building block that can be used for a variety of use-cases. Transparent
+management of executable binaries and provenance are two examples. Our
+architecture evolves around centralized log operations, distributed trust, and
+minimalism that simplifies usage.
**Preliminaries.**
You have basic understanding of cryptographic primitives, e.g., digital
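Review bot: In the last added sentence, "Our architecture evolves around centralized log operations" reads like a slip for "revolves around"; as written it suggests the architecture changes over time, not that it is built on these three properties. The rewrite also drops the removed sentence "Publicly logging signed checksums allow anyone to discover which keys produced what checksum signatures", which was the only place the abstract said who can do the detecting and how. The new "can be detected using a sigsum log" leaves both open, so consider keeping a clause that says the log is public and that anyone can inspect which keys signed which checksums. "Provenance" in the use-case sentence is also unqualified; stating provenance of what (next to "executable binaries") would make the example concrete.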