cybre:uranther #012.018 is a user on cybre.space. You can follow them or interact with them if you have an account anywhere in the fediverse.
cybre:uranther #012.018 @uranther

Have you seen the Root Signing Ceremony?? :blobwoah:

cloudflare.com/dns/dnssec/root

Participants:
The Ceremony Administrator
An Internal Witness
The Credentials Safe Controller
The Hardware Safe Controller
Crypto Officer #1
Crypto Officer #2
Crypto Officer #3

"Their roles are divided in a way that ensures less than a 1:1,000,000 chance that a group of conspirators could compromise the root-signing key, assuming a 5% dishonesty rate amongst these individuals. "

· Web · 5 · 13
rysiek ✅ @rysiek@mastodon.social

@uranther 7 individuals, 5% dishonesty rate?

What does that even mean? 100/7 = ~14%. A person can either be dishonest, or not.

Or are we talking about them being somewhat dishonest, some of the time?..

I don't get it.

cybre:uranther #012.018 @uranther

@rysiek The way I understood it was that each participant can be dishonest 5% of the time. If they are all dishonest at that rate - and there is only a root signing ceremony every few months - a "group of conspirators" (subset of 7) have less than a one-one-millionth chance to compromise the key.

rrix 🍕🌎 @rrix

@uranther for a while @iliana and I ran a small CA and wanted to emulate as much of this as we could get away with

iliana :trans_heart: @iliana

@rrix @uranther still sad we never got robes for it

rrix 🍕🌎 @rrix

@iliana @uranther i still have it in my bezoswishlist

cybre.space powered by Mastodon