[noise] NLS?

Trevor Perrin trevp at trevp.net
Sun Mar 18 22:38:00 PDT 2018


On Wed, Mar 14, 2018 at 7:28 PM, Alexey Ermishkin <scratch.net at gmail.com> wrote:
> The new spec looks promising, however it probably needs a better visual mapping of NLS objects to Noise messages (Noise messages aren't enumerated) so that it would be clearer which message is sent when and when one should put evidence into the payload.

Totally agree, I created a "rev2" draft branch, see if the new section
3.3 helps:

https://github.com/noiseprotocol/nls_spec/blob/rev2/output/nls.pdf

While working through this, I wasn't happy with the way "psk_id" was
duplicated in the negotiation_data and the handshake payload.  It
makes sense that we might need to sometimes send psk_id in the
negotiation_data payload, but I think that's true for all the
handshake payload fields (e.g. in a fallback or switch case the
responder might not have been able to decrypt the handshake payload,
so it will have to get evidence_request_type out of
negotiation_data).

So I changed NegotiationDataRequest to have an early_payload that can
contain HandshakePayload fields, and I changed NoiseLink to use this.
This allows a NoiseLink client to specify evidence_request_types in an
IK message, and the server can process it even if it can't decrypt the
initial IK message.

I think this is a good change, but would love to get feedback from you
and Gerardo.

Trevor

