
Support Roughtime types in Rekor #831

Open
asraa opened this issue May 17, 2022 · 3 comments
Labels
enhancement New feature or request

Comments

@asraa
Contributor

asraa commented May 17, 2022

Description

Add an additional timestamping type to Rekor.

Roughtime is a modern timestamping standard https://blog.cloudflare.com/roughtime/

In addition to supporting RFC 3161 for compatibility (e.g. sigstore/gitsign#22 (comment)), Rekor could also log Roughtime timestamps.

There is some discussion on and linking from #824 (comment) on separating Rekor's TSA and supporting Roughtime.

Adding Roughtime entries to Rekor would also allow clients to fencepost their entry upload, which will allow them to externally verify the system clock used in Rekor's integratedTime fields.

e.g. Rekor may be able to sandwich an entry upload between two roughtime fenceposts on request.

@asraa asraa added the enhancement New feature or request label May 17, 2022
@asraa
Contributor Author

asraa commented May 17, 2022

cc @haydentherapper

@kommendorkapten
Member

Reading the draft RFC for Roughtime: https://datatracker.ietf.org/doc/draft-ietf-ntp-roughtime/ and the blog post above, it seems like it's an alternative to NTP, not as a TSA?

While Roughtime expects a 32-byte nonce in each request, is the idea to use the sha256 digest of some entity as the nonce, and so create a time-stamping authority via that?

What can be done with Roughtime is to chain requests to cryptographically bind multiple responses into a chain (hash chain). Would the idea here be to let Rekor first query an external Roughtime server, hash the to-be-stored entry with the response, then use that digest as the nonce when querying the external Roughtime server again, and then persist that result on the ledger?

If the threat we are trying to protect against is not trusting Rekor's internal clock, wouldn't it suffice to integrate with a TSA, and extend the response from Rekor to include that signed timestamp? (the signing can be done over e.g. the signedTimestamp already produced by Rekor, which will bind Rekor's internal clock, log id/index and the digest of the record together with the time from the external trusted TSA).
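The fencepost idea from the issue description and the hash-chain question in the comment above, as an added example that is not code from Rekor or from either participant: two Roughtime-style responses bracket an entry upload, the second request's nonce commits to the first response and to Rekor's inclusion, and the verifier checks that Rekor's integratedTime falls inside the bracket. The response layout, its digest and the nonce derivation are constructed simplifications for illustration, not the Roughtime wire format.

```python
import hashlib
from dataclasses import dataclass


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


@dataclass(frozen=True)
class RoughtimeResponse:
    """Constructed stand-in for a signed Roughtime response (not the real wire format)."""
    nonce: bytes        # the 32-byte nonce this response answers
    midpoint_us: int    # server's time estimate, microseconds since the Unix epoch
    radius_us: int      # server's stated uncertainty around the midpoint

    def earliest_us(self) -> int:
        return self.midpoint_us - self.radius_us

    def latest_us(self) -> int:
        return self.midpoint_us + self.radius_us

    def digest(self) -> bytes:
        # Binds nonce and time so that a later nonce derived from it commits to this response.
        return sha256(self.nonce
                      + self.midpoint_us.to_bytes(8, "big")
                      + self.radius_us.to_bytes(4, "big"))


def chained_nonce(prev: RoughtimeResponse, inclusion_digest: bytes) -> bytes:
    """Nonce for the second request: commits to the first response and to Rekor's inclusion."""
    return sha256(prev.digest() + inclusion_digest)


def verify_fencepost(before: RoughtimeResponse, after: RoughtimeResponse,
                     entry_digest: bytes, inclusion_digest: bytes,
                     integrated_time_s: int) -> bool:
    """Check that Rekor's integratedTime (Unix seconds) is consistent with two fenceposts."""
    # The first request used the entry digest as its nonce, so 'before' postdates the entry.
    if before.nonce != entry_digest:
        return False
    # The second nonce chains the first response and the inclusion, so 'after' postdates both.
    if after.nonce != chained_nonce(before, inclusion_digest):
        return False
    # The upload happened between the two responses; integratedTime must lie in that window.
    t_us = integrated_time_s * 1_000_000
    return before.earliest_us() <= t_us <= after.latest_us()
```

A dishonest or drifting Rekor clock shows up as an integratedTime outside the window, and a reordered or replayed response fails the nonce checks.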

@kommendorkapten
Member

kommendorkapten commented Aug 5, 2022

Is there any known usage of Roughtime? Or a good client?
I found this https://github.com/cloudflare/roughtime and tested it out a bit. Sadly it did not work for any of the provided servers in the listed ecosystem.
Read through this cloudflare/roughtime#25 issue, which seems to indicate that the IETF draft has advanced quite a bit, and the current CloudFlare implementation is not up to date. I did some naive testing by changing the version to the specified version in the latest IETF draft and got at least a response from one of the listed servers, but as the response format seems to have been updated it was useless :)
