[noise] NoiseLink customization

[Trevor Perrin]

On Thu, Feb 15, 2018 at 8:57 AM, Alexey Ermishkin <scratch.net at gmail.com> wrote:
> To continue our discussion on the negotiation and handshake data format, I'd
> like to think about how do one add something of his own without disturbing
> others.

Hi Alexey,

Thanks for bringing this up, we need to dive back into NoiseSocket /
NoiseLink.  Figuring out the right layers and terminology between
(NoiseSocket, NoiseLink?, other things?) still has a lot of open
questions.  But we've made a good start with NoiseSocket.


> As an example, we'll need to transmit static key's signature and signer's
> data (certificate or ID). Which will happen inside  handshake messages
> together with transmitting those static keys.
> Should we then bind all field numbers before, say, 1000, for predefined
> NoiseLink fields and allow customized ones starting with 1001 ?

For additional fields within a handshake payload, are you thinking of
protobufs (proto3), as in "Other Negotiation" in [1]?

If we're more focused on custom protocols rather than interop, then we
could perhaps avoid partitioning the tag space by just defining a list
of possible fields, and allowing the custom protocol designer to
choose whichever they want, and assign their own tag numbers?  E.g.
one person could assign handshake fields like so:

message InitialHandshakePayload {
    uint32 max_message_size = 1;
    bool continuous_rekey = 2;
}

And another person could do:

message InitialHandshakePayload {
    string certificate_type = 1;
    string signature = 2;
    bool continuous_rekey = 3;
    uint32 max_message_size = 4;
}


But as long as they handled things like "continuous_rekey" and
"max_message_size" in the same way, then we could still auto-generate
code to handle this.

Of course, for interop we'd need more alignment, but I wonder if
that's yet another layer of profiles or something on top of a
NoiseSocket or NoiseLink?

Trevor


[1] https://moderncrypto.org/mail-archive/noise/2017/001373.html