[noise] Proposal: certificate and private key format
Rhys Weatherley
rhys.weatherley at gmail.com
Wed Apr 20 04:11:17 PDT 2016
The Noise protocol's API specifies the use of bare public and private keys
for arguments. While literally anything can be done with bare keys, they
are likely to be unwieldy in practice for applications to manage.
A better application-facing API might include functions
SetPrivateKeyFile(filename, passphrase) and
SetRemoteCertificateFile(filename).
So, here's an idea I've been drafting for a few days:
http://rweather.github.io/noise-c/cert_key_format.html
I have no code implemented - the key values on that page are all fake. But
hopefully it gets the idea across. The purpose is to improve key
portability between implementations, but of course individual applications
might make other key management choices.
The current design is inspired by the original PEM and PGP formats.
Another approach I've thought about is something like the SSH key format.
Any thoughts?
Cheers,
Rhys.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20160420/1c79370b/attachment.html>
More information about the Noise
mailing list