aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* updated design descriptionRasmus Dahlberg2021-10-021-18/+10
| | | | | | - Minor rephrasing and white-space changes to make raw text nicer. - Avoid using sigsum as "signed checksum" in text. Not helpful. - Removed TODO in text about Figure 2. It works without it for now.
* updated threat modelRasmus Dahlberg2021-10-021-22/+22
| | | | | | | | | | | | | | | - Minor rephrasing and white-space changes to make raw text nicer. - Avoid using sigsum as "signed checksum" in text. Not helpful. - Removed paragraph about risk-averse attacker. It is not needed to make our points right now. In a future revision, we should re-add this and explain why it is interesting. It would also be a good idea to then cite the two papers that z4lem mentioned a while back, see archive. - Clarified that we need a threshold of witnesses that follow the cosigning protocol for security. It is a start on addressing rohonk's comment about which parties may (not) follow protocol and why. - Emphasized that sigsum logging is only more course-grained than CT if the data is actually lost. Hence, more course-grained _in isolation_. - Added links to slow-down and split-view attacks.
* updated introductionRasmus Dahlberg2021-10-021-30/+43
| | | | | | | | | | | | - Minor rephrasing and white-space changes to make raw text nicer. - Avoid using sigsum as "signed checksum" in text. Not helpful. - Replaced TPM quote example. Not easy for everyone to relate to. - Added a paragraph with examples of how our design goals are not fulfilled by CT. This starts to address Rohon's comment about having comparative study. Elaborate later on, and include more than just CT. - Pointed out that our abstract setting is not 100% claimant model. For example, the claimant model does not say much about role interaction. - Fixed missing and broken links.
* updated abstractRasmus Dahlberg2021-10-021-6/+6
| | | | | | - Avoid using sigsum as "signed checksum" in text. Not helpful. - Promise less about use-case discussion. We are not there yet. - Emphasize that we want feedback by having that on a separate line.
* reverted checkpoint terminology for nowRasmus Dahlberg2021-10-021-10/+8
|
* don't require TrunnelLinus Nordberg2021-10-021-4/+5
|
* wordingLinus Nordberg2021-10-021-1/+1
| | | | Slightly more general claim -- "protocols" and "data formats".
* clarify distribution mechanismLinus Nordberg2021-10-021-1/+1
|
* trim whitespaceLinus Nordberg2021-10-021-11/+11
|
* s/github/git.sigsum/Linus Nordberg2021-10-021-1/+1
| | | | Yay!
* don't use "X" twiceLinus Nordberg2021-10-021-1/+1
| | | | Two "X" in the same section, unrelated, can be more confusing than clarifying.
* minor wording changesLinus Nordberg2021-10-021-3/+3
| | | | | | - more than two perspectives - avoid "deployment" to refer to "log operations" - don't say "idiot"
* "repository" is not yet definedLinus Nordberg2021-10-021-1/+1
| | | | So let's wait with using it. The sentence stands fine without it.
* BGP announcments might have higher requirements on timelinessLinus Nordberg2021-10-021-2/+1
| | | | | | | | They're also not typically communicated in a repository of any kind. BGP updates _could_ of course be logged for non-realtime historical storage (archiving) but as an example this early in the text it's mostly confusing.
* refactored design.md so that it is mostly up-to-dateRasmus Dahlberg2021-10-021-99/+116
| | | | | | | | | - Improved introduction so that it gives a better intuition of how we think about sigsum logging and what our contribution actually is - Clarified that monitoring is a 4th step (monkey-patched) - Added checkpoint as part of our design description - Emphasized witnessing at the start of 'how it works' - A bunch of minor edits and clarifications
* refactored introduction, mostly minor editsRasmus Dahlberg2021-10-021-22/+23
|
* started to restructure and refactor the q/a sectionRasmus Dahlberg2021-10-021-66/+34
|
* continued refactor of design description, bird's viewRasmus Dahlberg2021-10-021-116/+176
|
* started on a refactored design descriptionRasmus Dahlberg2021-10-021-19/+96
|
* replaced unicode character that is confusing in textRasmus Dahlberg2021-09-301-3/+3
|
* add empty line to have the list renderedLinus Nordberg2021-09-301-0/+1
|
* end more url's with a slashLinus Nordberg2021-09-301-4/+3
|
* end url's with a slashLinus Nordberg2021-09-301-1/+1
|
* add a link explaining the Onion Location headerLinus Nordberg2021-09-301-0/+1
|
* minor language changesLinus Nordberg2021-09-301-9/+9
|
* refactored README.md and website textRasmus Dahlberg2021-09-301-25/+34
| | | | | | | - Fixed list that should render correctly on cgit's web interface - Added a services section - Moved up relevant links that should come before services - A few minor edits
* clarified that what is logged is a minimal statementRasmus Dahlberg2021-09-281-1/+1
| | | | A claimant may add additional implicit claims via policy.
* fixed endpoint examplesRasmus Dahlberg2021-09-281-13/+28
| | | | | | - Better readability with full code blocks - Replaced localhost with <base url> - Generated new add-leaf example that should be valid
* minor edits and typo fixesRasmus Dahlberg2021-09-281-8/+9
|
* removed unused Trunnel structureRasmus Dahlberg2021-09-281-13/+5
|
* noted that verified timestamps have more use-casesRasmus Dahlberg2021-09-281-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | A believer can be convinced that a sigsum was logged after time T. This is because witnesses do Verifier(append-only) and Verifier(Freshness). Outline: a claimant is about to log a sigsum. 1. Fetch the most recent cosigned tree head. - Timestamp is T - Tree size is N 2. Submit sigsum for logging. 3. Wait for inclusion at index N+k, k=>0. 4. Wait for next cosigned tree head. - Timestamp is T', where T' > T - Tree size is N', where N' > N+k 5. Download inclusion proof for tree size N'. Now you can convince a believer that a sigsum is publicly logged. Just reveal inclusion proof which leads up to the second cosigned tree head. Next, you can reveal the first cosigned tree head that _have not merged that entry yet_. This follows from the first cosigned tree head size, and makes it obvious that the entry must have been merge after time T.
* added meeting minutesRasmus Dahlberg2021-09-281-0/+75
|
* persisted pads from meeting minutesRasmus Dahlberg2021-09-282-0/+140
|
* clarify chat room bridgingLinus Nordberg2021-09-231-1/+1
|
* fix a typoLinus Nordberg2021-09-231-1/+1
|
* try formatting the mailing list info for easier consumptionLinus Nordberg2021-09-231-6/+12
|
* add the mailing list to the contact sectionLinus Nordberg2021-09-231-0/+13
|
* expand the contact section, saying "chat"Linus Nordberg2021-09-231-0/+6
|
* un-bullet the list of claimsLinus Nordberg2021-09-231-5/+4
|
* persisted meeting minutesRasmus Dahlberg2021-09-211-0/+54
|
* added aborted api patch for future referenceRasmus Dahlberg2021-09-141-0/+548
|
* added meeting minutesRasmus Dahlberg2021-09-141-0/+35
|
* Merge branch 'main' of git.sigsum.org:sigsum into mainRasmus Dahlberg2021-09-141-16/+17
|\
| * don't use 'X' for different things in the same paragraphLinus Nordberg2021-09-131-3/+3
| |
| * s/the data/the right data/1Linus Nordberg2021-09-131-1/+1
| |
| * make a bullet list oiut of the three claimsLinus Nordberg2021-09-131-3/+4
| |
| * uppercasify "oftc" and add a linkLinus Nordberg2021-09-131-1/+1
| |
| * link to git.sigsum.org instead of to GHLinus Nordberg2021-09-131-4/+4
| |
| * more URL's ending in a slashLinus Nordberg2021-09-131-2/+2
| |
| * improve the chance that browsers try appending 'index.htm[l]'Linus Nordberg2021-09-131-2/+2
| | | | | | | | At least I think it works like this.