[noise] certificate chains

Arvid Picciani aep at exys.org
Tue Jul 17 02:49:27 PDT 2018


> so if you're willing to work with us for the next month

yes please!

here's what i'm working on:

https://github.com/aep/devguard/blob/master/README.md#proto

> XXsig1i+sig1r

looks good to me. I'm not sure about how detailed you want to specify
the signature package tho. Mine is more complex than just a single
ed25519 since it contains an entire chain as well as protocol-specific
access to resources:
https://github.com/aep/devguard/blob/master/proto/certificate.proto

I think noise should specify the flow of packages here, but not the
contents of the actual certificate.

Btw, I also noticed that the NOISE headers are variable sized. I'm
padding the package to 256-byte boundaries to hide the state of the
handshake. It would be harder to do that if the certificate is no
longer inside the payload.




On Fri, Jul 13, 2018 at 8:44 AM, Trevor Perrin <trevp at trevp.net> wrote:
> Hi Arvid,
>
> Sorry for delay -
>
> On Tue, Jul 3, 2018 at 4:45 PM, Arvid Picciani <aep at exys.org> wrote:
>>
>> NN
>>    -> e
>>    <- e, ee [u, u(h)]
>>    -> [u, u(h)]
>>
>> this looks identical to your proposed XXsig, except yours seems to be
>> signatures of the static key rather than the hash.
>
> I was signing the handshake hash as well.
>
> I'd like Noise to have an "official" named handshake pattern for this.
> It's useful to design these things in conjunction with people who want
> to use them, so if you're willing to work with us for the next month
> or two we could try to figure out how to do this officially.
>
> For example, my recent post on "Multi-algorithm handshakes" had a
> slightly different naming proposal, so we'll have to work through
> these (and other) options:
>
> XXsig1i+sig1r  (e.g. XXsig1i+sig1r_25519+Ed25519)
>   -> e
>   <- e, ee, s1, sig1
>   -> s1, sig1
>
>
> Trevor
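
The 256-byte boundary padding mentioned in the message above, sketched as an added example that is not part of the original thread or of devguard's code. The 2-byte length prefix, the zero fill and the sample message sizes are assumptions made for illustration.

```python
import struct

BLOCK = 256                    # boundary named in the message above
PREFIX = struct.Struct(">H")   # assumed framing: 2-byte big-endian payload length


def pad_message(payload: bytes, block: int = BLOCK) -> bytes:
    """Frame as length || payload || zeros, sized to a multiple of block."""
    if len(payload) > 0xFFFF:
        raise ValueError("payload too large for a 2-byte length prefix")
    framed = PREFIX.pack(len(payload)) + payload
    return framed + bytes(-len(framed) % block)


def unpad_message(wire: bytes, block: int = BLOCK) -> bytes:
    """Recover the payload, rejecting frames that are not canonical."""
    if len(wire) == 0 or len(wire) % block:
        raise ValueError("wire length is not a positive multiple of block")
    (n,) = PREFIX.unpack_from(wire)
    end = PREFIX.size + n
    # Padding must be minimal: a whole spare block means a forged length.
    if end > len(wire) or len(wire) - end >= block:
        raise ValueError("length prefix inconsistent with frame size")
    if any(wire[end:]):
        raise ValueError("non-zero padding")
    return wire[PREFIX.size:end]


def wire_sizes(messages: dict) -> dict:
    """Map each message name to the size an on-path observer would see."""
    return {name: len(pad_message(body)) for name, body in messages.items()}


# Constructed sample bodies; the sizes are illustrative, not measured.
SAMPLE = {
    "ephemeral key only": bytes(32),
    "key + single signature": bytes(112),
    "key + certificate chain": bytes(448),
}

if __name__ == "__main__":
    for name, size in wire_sizes(SAMPLE).items():
        print(f"{name:26} {size}")
```

With these sizes the first two messages are indistinguishable by length (256 bytes each), while the chain-bearing message lands in the 512-byte bucket: padding hides differences only within one block.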

