[noise] certificate chains
Justin Cormack
justin at specialbusservice.com
Sat Jun 30 05:25:56 PDT 2018
There is nothing officially defined yet, although there are mentions
that it may be in a future release,
to replace some of the DH by certs.
However you can implement it yourself by using the extra messages in
the handshake to include a
certificate that signs the key that has been passed (in an X or I
handshake), and using that to validate
the key. You need to be a little careful about the security properties
of the additional messages at
the point where it is sent.
On 30 June 2018 at 13:05, Arvid Picciani <aep at exys.org> wrote:
> Hi,
>
> i'm super confused if cert chains are actually possible with noise.
> The initial AKE seems to assume that the static keys are ALWAYS used
> for auth and crypto at the same time.
>
> Am i looking at this from the wrong angle here? I'm trying to figure
> out a way to have:
>
> - an encrypted connection from A to B
> - where B only knows about C
> - but A has obtained prior proof that C authorized A (ed25519 for example)
>
>
> /b/
> Arvid
> _______________________________________________
> Noise mailing list
> Noise at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/noise
More information about the Noise
mailing list