The scenario where more than one party has the private keys is described in scenario 6 [1]. The analysis of that scenario is that trust anchor negotiation has no effect on the surveillant's ability to carry out their goals.
1: https://github.com/davidben/tls-trust-expressions/blob/main/surveillance-and-trust-anchor-negotiation.md#scenario-6-government-mandates-escrow-of-tls-private-keys-and-secrets

On Fri, Jul 19, 2024 at 7:06 PM Rob Sayre <say...@gmail.com> wrote:

> Isn’t the most obvious issue that more than one party has the private
> keys?
>
> thanks,
> Rob
>
> On Fri, Jul 19, 2024 at 18:29 Devon O'Brien <asymmetric=
> 40google....@dmarc.ietf.org> wrote:
>
>> Hi all,
>>
>> We’ve added a document that attempts to summarize, and offer an
>> initial analysis of, several of the scenarios that have been raised in
>> on-list discussions related to the possibilities that Trust Expressions (or
>> more broadly, Trust Anchor Negotiation) could be used to enable
>> surveillance, or to make surveillance easier to achieve than with existing
>> solutions.
>>
>> We’ve been adding to this document for some time, and while there is
>> overlap with the documents that Dennis has recently shared, it is not a
>> response to them, as it was nearly complete by the time they were posted.
>> Our goal is for this analysis to be complete and accurate, so we will
>> incorporate additional scenarios, arguments, and analysis over time based
>> on the ensuing discussion.
>>
>> https://github.com/davidben/tls-trust-expressions/blob/main/surveillance-and-trust-anchor-negotiation.md
>>
>> As with any of the other documents in the repository, we encourage you to
>> ask on list, or file a GitHub issue if you feel we have missed something or
>> that our analysis is incorrect.
>>
>> We look forward to the WG's comments and hope to see those coming to
>> Vancouver next week.
>>
>> - Devon, Bob, David
>> _______________________________________________
>> TLS mailing list -- tls@ietf.org
>> To unsubscribe send an email to tls-le...@ietf.org