Supporting the kernel.org transparency log #648
Comments
|
Hi Morten, Yes, the omniwitness (and others here) are specifically targeted at verifying Merkle tree based logs, it'll be hard to have them support git trees (I suspect a consistency "proof" there is essentially a fast-forward merge of the intervening commits!) The serverless log might be a good fit if you want to bring things closer in shape to some of the other transparency ecosystems - perhaps it might be worthwhile working through what a claimant model based description of such a system might be? |
|
Yes, I think the serverless log work is perfect for this use case. If you were to use that then the omniwitness work would be able to support your effort also. |
|
@Foxboron anything we can do to help you make progress with this? |
|
I don't think so. The work on having kernel.org working with |
|
Hi @Foxboron, I'm not sure if this is something you're still interested in/actively pursuing, but I just wanted to let you know that we've recently "promoted" serverless logs out of here and into its own repo: https://github.com/transparency-dev/serverless-log . |
kernel.org maintains a transparency log in the form of a git repository and I was wondering how one should go about supporting this for the omnifeeder? Currently creating proofs is impractical as one would need to traverse the git repository and not all entries on the log is signed either. I'm a bit unsure about the usefulness of supporting git repositories like this in general?
Would it be better to throw the entries on a serverless implementation maybe?
https://git.kernel.org/pub/scm/infra/transparency-logs/gitolite/git/1.git/
I wrote up a monitor last year, but something more sound would probably be better :) https://tlog.linderud.dev/
The text was updated successfully, but these errors were encountered: