[noise] Versioning (was Re: Noise Certificates?)

Trevor Perrin trevp at trevp.net
Wed Jul 30 20:26:48 PDT 2014


On Tue, Jul 29, 2014 at 7:56 PM, Tony Arcieri <bascule at gmail.com> wrote:
> On Tue, Jul 29, 2014 at 7:10 PM, Trevor Perrin <trevp at trevp.net> wrote:
>>
>> But arguably we should do more to support versioning.  It would be
>> good if anyone trying to create a "real" protocol around this could
>> think about this and see what would work for them.
>
>
> +1 to versioning.


Alright, proposal for minimal versioning:
 - precede all messages with 1-byte version
 - defaults to zero, and to reject non-zero values
 - libraries should provide callbacks to set or examine version values

The idea is you can ignore the version until you need it, and then you
have a handy way to signal upgrades or whatever.

We'd talked about presenting specific structures for the different
types of boxes.  So combining all this would be:

struct {
    bytes encrypted_sender_pubkey[DH_LEN];
    bytes mac[MAC_LEN];
    NoiseBody body;
} NoiseBox;

struct {
  byte version;
  bytes ephemeral_pubkey[DH_LEN];
  NoiseBox box;
} StandaloneBox;

struct {
  byte version;
  bytes ephemeral_pubkey[DH_LEN];
  NoiseBox box;
} ServerBox;

struct {
  byte version;
  NoiseBox box;
} ClientBox;

struct {
  byte version;
  bytes ephemeral_pubkey[DH_LEN];
} ClientStart;


The pipe handshake would be:
C->S:  ClientStart
C<-S:  ServerBox
C->S:  ClientBox

Thoughts?

Trevor


More information about the Noise mailing list