when a client talks to a transport, there are two things it needs to know:
1. has it been in contact with the server
2. has it been in contact with the server since it sent the last bundle
1) lets the client know it's worth interacting with the transport and 2) lets it know that it's time to upload a new blob.
we also want to preserve the anonymity of the transports: the bundle server knows the transports, but the transports are anonymous to the clients.
we can accomplish both things by having a blob made up of the following:
[M, Ms] where M = [nonce, timestamp, Tepub] and Ms = M signed by the server
whenever the transport talks to the server, it sends an ephemeral (generated each time it talks to the server) public key using a channel authenticated #95 by its identity key. the server will include the recency blob in its response.
when the transport talks to the server, it will authenticate with Tepub and the client will retrieve the recency blob and validate 1) and 2)
follow-on work could include a Bloom filter to indicate that the transport has communicated on behalf of a specific client before.
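The recency blob check described in the issue above, as an added example that is not part of the original issue or the project's code. It assumes Ed25519 signatures, a fixed byte layout for M, and that the transport proves possession of the Tepub private key to the client by signing a client-chosen challenge; `Blob`, `Issue` and `Check` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// Blob is the recency blob [M, Ms]. The byte layout of M and the use of
// Ed25519 are assumptions made for this example.
type Blob struct {
	M  []byte // nonce(16) || timestamp(8, big-endian Unix seconds) || Tepub(32)
	Ms []byte // server signature over M
}

// Issue is the server side: bind a fresh nonce and the current time to Tepub.
func Issue(serverKey ed25519.PrivateKey, tepub ed25519.PublicKey, now int64) Blob {
	m := make([]byte, 56)
	rand.Read(m[:16]) // fresh nonce
	binary.BigEndian.PutUint64(m[16:24], uint64(now))
	copy(m[24:], tepub)
	return Blob{M: m, Ms: ed25519.Sign(serverKey, m)}
}

// Check is the client side. contacted answers question 1, fresh question 2.
// proof is the transport's signature over the client's challenge, made with
// the private half of Tepub (assumed handshake, not specified in the issue).
func Check(serverPub ed25519.PublicKey, b Blob, challenge, proof []byte, lastBundleSent int64) (contacted, fresh bool) {
	if len(b.M) != 56 || !ed25519.Verify(serverPub, b.M, b.Ms) {
		return false, false // not a blob the server issued
	}
	if !ed25519.Verify(ed25519.PublicKey(b.M[24:]), challenge, proof) {
		return false, false // blob was issued to a different ephemeral key
	}
	ts := int64(binary.BigEndian.Uint64(b.M[16:24]))
	return true, ts > lastBundleSent
}

func main() {
	spub, spriv, _ := ed25519.GenerateKey(rand.Reader)
	tepub, tepriv, _ := ed25519.GenerateKey(rand.Reader)
	blob := Issue(spriv, tepub, 1700000500)   // constructed timestamp
	challenge := []byte("client-challenge-1") // constructed value
	proof := ed25519.Sign(tepriv, challenge)
	fmt.Println(Check(spub, blob, challenge, proof, 1700000000))
}
```

The freshness comparison sets a server-issued timestamp against the client's own record of when it sent its last bundle, so it assumes the two clocks are roughly in sync.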
btw, can you clarify if "it" in these is "transport" or "client"? I have a feeling you mean "transport" but the client can also contact the server
"two things it needs to know:
1. has it been in contact with the server
2. has it been in contact with the server since it sent the last bundle
1) lets the client know it's worth interacting with the transport and 2) lets it know that it's time to upload a new blob."