From 01189f114bafa2a6ad68dacc2b7418bb303bdd35 Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Tue, 22 Jun 2021 23:25:09 +0200 Subject: imported logging docs without any changes --- doc/claimant.md | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 doc/claimant.md (limited to 'doc/claimant.md') diff --git a/doc/claimant.md b/doc/claimant.md new file mode 100644 index 0000000..6728fef --- /dev/null +++ b/doc/claimant.md @@ -0,0 +1,71 @@ +# Claimant model +## **SystemCHECKSUM** +SystemCHECKSUM is about the claims made by a data publisher. +* **ClaimCHECKSUM**: + _I, data publisher, claim that the data_: + 1. has cryptographic hash X + 2. is produced by no-one but myself +* **StatementCHECKSUM**: signed checksum
+* **ClaimantCHECKSUM**: data publisher
+ The data publisher is a party that wants to publish some data. +* **BelieverCHECKSUM**: end-user
+ The end-user is a party that wants to use some published data. +* **VerifierCHECKSUM**: data publisher
+ Only the data publisher can verify the above claims. +* **ArbiterCHECKSUM**:
+ There's no official body. Invalidated claims would affect reputation. + +SystemCHECKSUM\* can be defined to make more specific claims. Below +is a reproducible builds example. + +### **SystemCHECKSUM-RB**: +SystemCHECKSUM-RB is about the claims made by a _software publisher_ +that makes reproducible builds available. +* **ClaimCHECKSUM-RB**: + _I, software publisher, claim that the data_: + 1. has cryptographic hash X + 2. is the output of a reproducible build for which the source can be located + using X as an identifier +* **StatementCHECKSUM-RB**: StatementCHECKSUM +* **ClaimantCHECKSUM-RB**: software publisher
+ The software publisher is a party that wants to publish the output of a + reproducible build. +* **BelieverCHECKSUM-RB**: end-user
+ The end-user is a party that wants to run an executable binary that built + reproducibly. +* **VerifierCHECKSUM-RB**: any interested party
+ These parties try to verify the above claims. For example: + * the software publisher itself (_"has my identity been compromised?"_) + * rebuilders that check for locatability and reproducibility +* **ArbiterCHECKSUM-RB**:
+ There's no official body. Invalidated claims would affect reputation. + +## **SystemCHECKSUM-LOG**: +SystemCHECKSUM-LOG is about the claims made by a _log operator_. +It adds _discoverability_ into SystemCHECKSUM\*. Discoverability +means that VerifierCHECKSUM\* can see all +StatementCHECKSUM that BelieverCHECKSUM\* accept. + +* **ClaimCHECKSUM-LOG**: + _I, log operator, make available:_ + 1. a globally consistent append-only log of StatementCHECKSUM +* **StatementCHECKSUM-LOG**: signed tree head +* **ClaimantCHECKSUM-LOG**: log operator
+ Possible operators might be: + * a small subset of data publishers + * members of relevant consortia +* **BelieverCHECKSUM-LOG**: + * BelieverCHECKSUM\* + * VerifierCHECKSUM\*
+* **VerifierCHECKSUM-LOG**: third parties
+ These parties verify the above claims. Examples include: + * members of relevant consortia + * non-profits and other reputable organizations + * security enthusiasts and researchers + * log operators (cross-ecosystem) + * monitors (cross-ecosystem) + * a small subset of data publishers (cross-ecosystem) +* **ArbiterCHECKSUM-LOG**:
+ There is no official body. The ecosystem at large should stop using an + instance of SystemCHECKSUM-LOG if cryptographic proofs of log + misbehavior are preseneted by some VerifierCHECKSUM-LOG. -- cgit v1.2.3