[noise] certificate chains

Trevor Perrin trevp at trevp.net
Tue Jul 17 08:27:50 PDT 2018


On Tue, Jul 17, 2018 at 9:49 AM, Arvid Picciani <aep at exys.org> wrote:
>> so if you're willing to work with us for the next month
>
> yes please!
>
> here's what i'm working on:
>
> https://github.com/aep/devguard/blob/master/README.md#proto

OK great, I'll read that later, some quick comments for now:


>> XXsig1i+sig1r
>
> looks good to me. I'm not sure about how detailed you want to specify
> the signature package tho. Mine is more complex than just a single
> ed25519 since it contains an entire chain as well as protocol specific
> access to resources
> https://github.com/aep/devguard/blob/master/proto/certificate.proto

I think the Noise handshake pattern would just cover the Ed25519
signature and public keys (XXsig1i+sig1r), and that's the part I'd
like to standardize in an extension document.

The certificates and other higher-level data could still be sent in
the handshake payload, in whatever format you want, though here you
could use the NLS protobufs and NoiseSocket.

Separating the public-key from its certificate like this is different
from typical X.509 protocols, but it makes sense for Noise.
Signatures and public keys can be handled in a mechanical way in
patterns, while there's more options for certificates, and you might
also send multiple different types of certs / evidence for a public
key (like Certificate Transparency or OCSP signatures, pinning
information, etc).

Trevor


More information about the Noise mailing list