Dear all,
I've started looking into building a more complete and stable Sigsum
verifier to run in the browser extension I'm prototyping. The model I
sent previously changed a bit, we are removing Sigstore, to allow
website administrators to specify their own ed25519 signing keys, and
bring their own logs. The "bring your own log" model has been suggested
in the WAICT proposal[1], and I think it improved decentralization for
the better.
I think the WAICT proposal refers to a type of log, or in general to log
software that does not exists yet, and I think Sigsum fits the job well.
I would like thus for website administrators to specify a Sigsum policy,
but since that will be shipped in the HTTP headers, I'd need something
more serialization friendly, such as JSON.
While looking into the policy format, I was wondering why the quorum is
global and not per log?
In a JSON like format, I was imagining something like this, also to
reduce to the minimum key/texts duplication:
{
"witnesses": {
"X1": "base64-key-X1",
"X2": "base64-key-X2",
"X3": "base64-key-X3",
"Y1": "base64-key-Y1",
"Y2": "base64-key-Y2",
"Y3": "base64-key-Y3",
"Z1": "base64-key-Z1"
},
"groups": {
"X-witnesses": {
"2": ["X1", "X2", "X3"]
},
"Y-witnesses": {
"any": ["Y1", "Y2", "Y3"]
},
"Z-witnesses": {
"all": ["Z1"]
},
"XY-majority": {
"all": ["X-witnesses", "Y-witnesses"]
},
"Trusted-Bloc": {
"any": ["XY-majority", "Z-witnesses"]
}
},
"logs": [
{
"base_url": "https://log-a.example.org",
"public_key": "base64-logkey-A",
"quorum": "X-witnesses"
},
{
"base_url": "https://log-b.example.org",
"public_key": "base64-logkey-B",
"quorum": "Trusted-Bloc"
}
]
}
It's just exploratory, but I'm a bit confused by the multi-log model.
For instance, you'd expect the signers to send to two logs and then
provide back two proofs bundles, or you'd expect a log with a policy
with multiple logs, to propagate to the second log?
In this format, I'd support per-log quorum, and probably thus expect
multiple proofs.
Cheers
Giulio
[1]
https://github.com/rozbb/draft-waict-transparency/blob/main/draft-waict-tra…
Hi all,
For my master's thesis, and as a way to showcase a solution to the
long-standing problem of using web applications for cryptographic tasks
in the browser, without having to rely on server trust, I've developed a
system that integrates a few components:
- Sigsum is used to transparently build a list of authorized signers
for each domain that wants to participate in the system.
- Sigstore is used to sign executable web assets (JS, HTML, CSS, WASM)
using OIDC identities, with the authorization for a specific domain
verified against the Sigsum-powered list.
The demo shows the system securing some of the most common self-hostable
web apps, such as Jitsi, Element, and CryptPad.
There is currently some shared interest from the Tor Project in bringing
similar functionality into TBB.
For a higher-level description, see [1], and for the project repository,
see [2]. I’ll share my thesis at a later date, which will include
additional insights and threat modeling for the whole system.
Cheers
Giulio
[1] -
https://securedrop.org/news/introducing-webcat-web-based-code-assurance-and…
[2] - https://github.com/freedomofpress/webcat