aboutsummaryrefslogtreecommitdiff
path: root/archive/2021-11-16-in-person-meet-pad
blob: d648555c1f0f8407fbe8b66f7012429b698b22bd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
Attendees
---
	* rgdd
	* ln5
	* kfreds

Agenda
---
0.  Vision and milestones
	* "More than one production log, several production witnesses"
	* https://git.sigsum.org/sigsum/tree/archive/2021-10-19--meeting-minutes
		* Near-term TODOs, other than what is additionally identified below.

1.  Sharding, few ideas and related details to consider
	* https://git.sigsum.org/sigsum/tree/archive/2021-11-09-sharding-ideas
	* Touches policy aspects of sigsum, e.g., how roots of trust are configured.
	* Touches ecosystem aspects of sigsum, e.g., how witnesses learn about new logs.
	* TL;DR:
		* We liked the idea of an open-ended shard interval
		* A threat with longer-lived shards is more opportunity to poison logs
			* Currently 32 bytes per leaf are arbitrary
			* We revisited and refined an old idea on how to remove those arbitrary bytes
		* Decision: rgdd summarizes our discussion by preparing two proposals

2.  Revisit signature scheme and format
	* Complexity vs utility trade-off, support any additional signature algorithms?
	* Where allow agility, if at all? Log, witness, signer.
	* Include a sigsum context in the statement that is signed?
	* We would be remarkably close to SSH's blob format at this point.
		* https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.sshsig
	* TL;DR:
		* We want context (good hygiene), maybe even a fixed magic string
		* If what we want can be backwards compatible with ssh tooling -> great!
		* We did not come to a conclusion about how much agility to allow and where
			* Agility should be for "what is wanted now", rather than "maybe in the future"
			* A NIST curve could be useful at a first glance, as an option to Ed25519
		* Decision: ln5 summarizes our ssh-format discussion by preparing a proposal

3.  If time permits, consider smaller design TODOs in our backlog
	* https://git.sigsum.org/sigsum/tree/archive/2021-10-05-open-design-thoughts
	* HTTP GET for the three get* endpoints with input parameters?
	* Make room for other rate limiting ideas than DNS?
	* Get inclusion proof from add-leaf endpoint?
	* TL;DR:
		* We did not have time to discuss this at all, deferred.

4.  Other
	* Self-hosting
		* In-line with our values, continue with best-effort level "good enough for sigsum"
		* Mailing list needs a little bit more work, some mail clients may not get delivery
	* Sounds like it would be a good idea to start a proposals directory
		* Decision: https://git.sigsum.org/sigsum/tree/doc/proposals