[Sovereign Keys] A design question: How should timelines and mirrors operate?

Erik Tews erik at datenzone.de
Mon Feb 27 17:18:34 PST 2012


Hi

I would like to ask an interesting design question: Assuming that all
timeline data is signed by the timeline operator, and it is distributed
to mirror servers. How should freshness be ensured, and what can be done
to improve the availability of the timeline?

One possible solution could be that every mirror operator adds an
additional freshness signature to every response or every entry in the
timeline. The key used for this signature is different from the timeline
operator's key. If the primary server for the timeline goes down for a
while, mirror operators can still sign their responses, and clients can
have some trust in the freshness of the responses. On the other hand,
this makes the protocol a bit more complex. A client needs to check two
signatures, one for the integrity and authenticity of the data (from the
timeline operator), and one for the freshness. Also, a mirror operator
must be trusted to some extent, because he can prevent the client from
receiving updates from the timeline. Also, a timeline operator needs to
operate a backup server anyway, because all entries that are added to
the timeline should be copied to a remote site, in case the primary
server dies after having added and distributed a new entry to the
timeline.

An alternative would be that the timeline operator would need to
operate multiple servers at different locations. All servers have access
to the private key of the timeline, and need to be synchronized whenever
the timeline is updated. If one or a few of the servers go down, the
rest of the servers just continue to operate the timeline. The signature
of the timeline operator is often renewed, to prove integrity,
authenticity and freshness of the responses. This makes the protocol
design for the clients much easier, because only a single signature
needs to be checked, but operating a timeline is much more difficult.
Also, a timeline operator needs to make sure that all these servers never
diverge, and all servers are hosted at secure locations, because they
all have access to the private key.

Also, a good question is how to handle permanent failures of a timeline.
For example, a timeline operator could go bankrupt, or lose the private
key. All clients that insist upon this timeline would act like under an
attack, because no fresh responses from this timeline are available
anymore.

I look forward to hearing comments about this.
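The first design sketched in the message above (an operator signature for integrity and authenticity plus a separate mirror signature for freshness) is easy to get subtly wrong on the client side: the freshness stamp must be bound to the exact entry it covers, and a valid stamp that is simply old must still be rejected. The following is an added example, not code from the original post or from the Sovereign Keys project, showing the two-signature check as a client would perform it. It assumes a fixed freshness window, a client-side table of known mirror keys, and HMAC-SHA256 as a stand-in for the real signature schemes; in a deployment the operator and mirrors would use asymmetric signatures with only public keys distributed to clients. All keys, entries and timestamps are constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed keys for the example. A real timeline operator and mirror
# would hold private signing keys and publish public verification keys.
OPERATOR_KEY = b"constructed-timeline-operator-key"
MIRROR_KEY = b"constructed-mirror-a-key"

# Assumed freshness window (seconds): a mirror stamp older than this is stale.
FRESHNESS_WINDOW = 3600


def canonical(obj):
    """Deterministic byte encoding so signer and verifier hash the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def _sign(key, payload):
    # HMAC stands in for a public-key signature (e.g. Ed25519) in this example.
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def _verify(key, payload, sig):
    return hmac.compare_digest(_sign(key, payload), sig)


def operator_publish(index, payload, operator_key=OPERATOR_KEY):
    """Timeline operator signs a new entry; this signature proves integrity and origin."""
    entry = {"index": index, "payload": payload}
    return {"entry": entry, "operator_sig": _sign(operator_key, canonical(entry))}


def mirror_serve(signed_entry, mirror_id, now, mirror_key=MIRROR_KEY):
    """Mirror adds a freshness stamp bound to the operator signature it is serving."""
    stamp = {"mirror": mirror_id, "served_at": now,
             "entry_sig": signed_entry["operator_sig"]}
    return {**signed_entry, "freshness": stamp,
            "mirror_sig": _sign(mirror_key, canonical(stamp))}


def client_verify(response, now, mirror_keys, operator_key=OPERATOR_KEY,
                  window=FRESHNESS_WINDOW):
    """Client-side check of both signatures. Returns (ok, reason)."""
    entry = response.get("entry")
    operator_sig = response.get("operator_sig")
    if entry is None or operator_sig is None:
        return False, "malformed response"
    # 1. Integrity and authenticity: only the timeline operator can produce this.
    if not _verify(operator_key, canonical(entry), operator_sig):
        return False, "bad operator signature"
    # 2. Freshness: a known mirror must have stamped exactly this entry recently.
    stamp = response.get("freshness")
    if stamp is None:
        return False, "missing freshness stamp"
    mirror_key = mirror_keys.get(stamp.get("mirror"))
    if mirror_key is None:
        return False, "unknown mirror"
    if stamp.get("entry_sig") != operator_sig:
        return False, "freshness stamp bound to a different entry"
    if not _verify(mirror_key, canonical(stamp), response.get("mirror_sig", "")):
        return False, "bad mirror signature"
    age = now - stamp["served_at"]
    if age < 0 or age > window:
        return False, "stale response"
    return True, "ok"


if __name__ == "__main__":
    t0 = 1330000000  # constructed timestamp
    entry = operator_publish(42, {"name": "example.com", "key": "constructed-pubkey"})
    response = mirror_serve(entry, "mirror-a", t0)
    known = {"mirror-a": MIRROR_KEY}
    print(client_verify(response, t0 + 60, known))        # fresh and valid
    print(client_verify(response, t0 + 2 * 3600, known))  # stale
```

The separate `entry_sig` field inside the stamp is what prevents a mirror from reusing one freshness signature across entries. Note what the check does not cover, matching the caveat in the post: a mirror that holds back newer entries and keeps re-stamping an older one passes every test here, so the window only bounds how long such withholding goes unnoticed relative to the operator's own renewal schedule.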