Automatic IETF Minutes

Markdown Version | Session Recording

Session Date/Time: 29 Mar 2023 04:00

# keytrans

## Summary

This session explored the need for and potential standardization of key transparency (KT) protocols. The discussion covered problem statements, existing implementations (Keybase, Zoom), and a proposed draft standard (Traffic). Key areas of focus included the role of third-party auditors and metadata privacy. The meeting concluded with a strong indication of community interest in pursuing standardization efforts.

## Key Discussion Points

*   **Problem Statement:** The core issue is the lack of a secure, publicly verifiable way to distribute public keys for encrypted services, requiring users to trust service providers for key accuracy.
*   **Key Transparency (KT) Basics:** KT uses cryptographically assured properties (consistency and append-only) to enable users to monitor their keys and detect unexpected changes.  Merkle trees are a common underlying technology.
*   **Existing Implementations:**
    *   **Keybase:** A production system since 2014, maps online identities to public keys, uses social proofs for verification, and includes account reset mechanisms.
    *   **Zoom:** Planning to deploy KT, focusing on domain-based user identifiers and allowing device additions without requiring existing devices.
*   **Traffic (Proposed Draft):**
    *   Presents a client-server model for key-value database interaction.
    *   Defines three deployment modes: contact monitoring (single-party), third-party auditing, and third-party management.
    *   Aims for immediate log entry addition but doesn't consider metadata privacy.
*   **Third-Party Auditors:**
    *   Debate on whether third-party auditing is essential for security or an optional optimization.  Discussion centered on whether a designated auditor, or whether anyone could act as an auditor.
*   **Metadata Privacy:** Consideration of hiding metadata about users and key updates, versus accepting potential information leakage. Some think that maybe we can live without the extra complexity of metadata privacy.
*   **Commitments vs. Full Key Material:**  Consideration of storing commitments (hashes) of key material instead of the key material directly in the transparency log for added flexibility and privacy.
*   **Incentives:** Discussion of incentives for service providers to adopt KT.

## Decisions and Action Items

*   **Strong consensus to do work in this space.**
*   **Chairs and proponents will work on developing a charter.**

## Next Steps

*   **Charter Development:** Draft a charter that specifies design goals and standardization scope, to be shared on the mailing list.
*   **Mailing List Discussion:** Continue technical discussions and charter refinement on the keytrans mailing list.