[noise] Versioning (was Re: Noise Certificates?)

Stephen Touset stephen at squareup.com
Thu Jul 31 00:41:46 PDT 2014

On Jul 30, 2014, at 9:59 PM, Tony Arcieri <bascule at gmail.com> wrote:

> On Wed, Jul 30, 2014 at 8:26 PM, Trevor Perrin <trevp at trevp.net> wrote:
>  - precede all messages with 1-byte version
> Can I suggest two version numbers?
> - A major version number for security upgrades, e.g. a previous ciphersuite is vulnerable to an attack and the server should inform the client
> - A minor version for purely additive changes to the ciphersuite that provide additional performance and/or security properties, e.g. djb's new stream cipher Macarena20 has just won the CAESAR competition and we'd like to start using it if it's mutually supported

ƒYou could make an argument that the list of ciphersuites is outside the scope of versioning. Since there’s no currently specified way for two independently-developed Noise implementations to negotiate which cipher to use (nor any other “feature” for that matter), it seems that *any* change in the Noise spec is a breaking change between two clients.

Something like this would potentially be done on a higher-level protocol built on top of Noise.

Stephen Touset
stephen at squareup.com

More information about the Noise mailing list