[noise] rev32b (Release Candidate)
Trevor Perrin
trevp at trevp.net
Sat May 13 14:03:12 PDT 2017
On Sat, May 13, 2017 at 6:14 PM, Alex <alex at centromere.net> wrote:
> On Sat, 13 May 2017 17:40:19 +0000
> Trevor Perrin <trevp at trevp.net> wrote:
>
>> It's a good question how general-purpose libraries should handle the
>> combinatorics of pattern modifiers. For example, should a library
>> hardcode all the patterns listed in this (and future) specs, or should
>> it only hardcode the base patterns (XX, IK, etc), and then apply
>> user-specified modifiers?
>>
>
> What if the user wants to add their own Noise extension that introduces
> a new token? Will they be required to fork your library, or would there
> be an interface for adding new tokens?
[...]
> For instance, how do you communicate to a library your intention to add
> a `foo` token right before the `bar` token in the second message
> pattern of some arbitrary handshake? That sounds like a very complex
> API.
I'd consider separately:
(a) library users defining new tokens
(b) library users defining new patterns with existing tokens
For (a) I tentatively think that defining new tokens ("psk", possibly
"sig" for signatures or "f"/"ff" for hybrid forward-secrecy) is
complicated and rarely needed, so probably should be handled by
experts (us!) instead of library users.
For (b) it might be the case that we can define enough pattern
modifiers ("noidh", other modifiers that defer DH or add "ss" tokens,
etc) that there's no need for users to explicitly specify patterns,
since users can simply name anything they want in terms of base name +
modifiers.
We're not there yet, so perhaps there's also value to allowing users
to explicitly specify a pattern? I would at least mark this as a
dangerous API for experts, as it seems error-prone and we've named the
main useful patterns, so if you think you need it you might be doing
something wrong.
But I'm not sure it's a "wrong" API - I think it's an open question
what the best general-purpose Noise API is, and it will take us some
time and experimentation to figure out.
Trevor
More information about the Noise
mailing list