Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need to know the expected PublicKey in upgrades #882

Closed
tomaka opened this issue Jan 22, 2019 · 5 comments
Closed

Need to know the expected PublicKey in upgrades #882

tomaka opened this issue Jan 22, 2019 · 5 comments
Labels
difficulty:hard priority:nicetohave

Comments

@tomaka
Copy link
Member

tomaka commented Jan 22, 2019
edited
Loading

When negotiating the encryption protocol, we can remove one roundtrip by knowing the public key of the remote in advance. This requires some changes in the APIs.

cc #881
@tomaka
Copy link
Member Author

tomaka commented Jan 22, 2019

One idea would be to pass the expected public key to Transport::dial, then to the closure of Transport::and_then, and build the connection upgrade on-the-fly.

However this raises questions:

  • Is it valid for a transport to return a peer identity that is different from the expected one?
  • Should the peer identity be a generic, or hard-coded to a specific type?

@tomaka tomaka mentioned this issue Jan 26, 2019
Merged
@burdges
Copy link

burdges commented Jan 28, 2019

I'd expect you know this, but.. We only need one party A to know the public key of the other party B, because the handshake can send A's public key to B encrypted behind ee and es key exchanges. We've slightly different handshakes that determine if A or B initiates the connection.

@tomaka
Copy link
Member Author

tomaka commented Jan 30, 2019

#888 has been merged but is not usable in practice because of this issue.

@twittner
Copy link
Contributor

twittner commented Jan 30, 2019
edited
Loading

@tomaka, It depends on the handshake pattern. One could use XX for instance which works without pre-shared static keys. The IK pattern of course requires this issue to be resolved first.

@thomaseizinger
Copy link
Contributor

Closing in favor of #2946.

@thomaseizinger thomaseizinger closed this as not planned Won't fix, can't repro, duplicate, stale Mar 29, 2023
@denis2glez denis2glez mentioned this issue Nov 14, 2023
Draft
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
difficulty:hard priority:nicetohave
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@twittner @burdges @tomaka @thomaseizinger