[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lsd0007] branch master updated: Update
|
From: |
gnunet |
|
Subject: |
[lsd0007] branch master updated: Update |
|
Date: |
Thu, 27 Jul 2023 22:16:55 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository lsd0007.
The following commit(s) were added to refs/heads/master by this push:
new 2133a0f Update
2133a0f is described below
commit 2133a0feb10b56d90f8e11d494055a26d9153ddd
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Thu Jul 27 22:16:41 2023 +0200
Update
---
draft-gnunet-communicators.xml | 320 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 319 insertions(+), 1 deletion(-)
diff --git a/draft-gnunet-communicators.xml b/draft-gnunet-communicators.xml
index 05850ac..082a623 100644
--- a/draft-gnunet-communicators.xml
+++ b/draft-gnunet-communicators.xml
@@ -29,6 +29,7 @@
<!ENTITY RFC8244 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.8244.xml";>
<!ENTITY RFC8324 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.8324.xml";>
<!ENTITY RFC8499 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.8499.xml";>
+<!ENTITY RFC9000 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.9000.xml";>
<!ENTITY RFC9106 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.9106.xml";>
<!ENTITY I-D.ietf-dnsop-alt-tld PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-dnsop-alt-tld.xml";>
]>
@@ -239,18 +240,334 @@
<t>
FIXME: Handshake wire format, KX, Flow.
</t>
+<figure anchor="figure_udp_initialkx" title="The binary representation of the
initial key exchange packet.">
+ <artwork name="" type="" align="left" alt=""><![CDATA[
+0 8 16 24 32 40 48 56
++-----+-----+-----+-----+-----+-----+-----+-----+
+| EPHEMERAL PUBLIC KEY |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| GCM TAG |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| REKEY |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+ ]]></artwork>
+ </figure>
+ <dl>
+ <dt>EPHEMERAL PUBLIC KEY</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>GCM TAG</dt>
+ <dd>
+ A 128-bit GCM tag used to authenticate the ciphertext immediately
following this KX.
+ </dd>
+ <dt>REKEY</dt>
+ <dd>
+ A 128-bit rekey flag. If any bit is set, this indicates a rekey.
+ </dd>
+ </dl>
+ <figure anchor="figure_udp_handshake_sig" title="The wire format used
for creating the signature of the identification packet.">
+ <artwork name="" type="" align="left" alt=""><![CDATA[
+0 8 16 24 32 40 48 56
++-----+-----+-----+-----+-----+-----+-----+-----+
+| SIZE | PURPOSE (0x0X) |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| SENDER PEER ID |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| RECEIVER PEER ID |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| EPHEMERAL PUBLIC KEY |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| MONOTONIC TIMESTAMP |
+| |
+| |
+| |
+| |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| NONCE |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+ ]]></artwork>
+ </figure>
+ <dl>
+ <dt>SIZE</dt>
+ <dd>
+ A 32-bit value containing the length of the signed data in bytes
+ in network byte order.
+ </dd>
+ <dt>PURPOSE</dt>
+ <dd>
+ A 32-bit signature purpose flag in network byte order. The value of
this
+ field <bcp14>MUST</bcp14> be XXXX. It defines the context in which
+ the signature is created so that it cannot be reused in other parts
+ of the protocol including possible future extensions.
+ The value of this field corresponds to an entry in the
+ GANA "GNUnet Signature Purpose" registry <xref target="gana"/>.
+ </dd>
+ <dt>SENDER PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>RECEIVER PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>EPHEMERAL PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>MONOTONIC TIMESTAMP</dt>
+ <dd>
+ FIXME.
+ </dd>
+ <dt>NONCE</dt>
+ <dd>
+ A 256-bit random value.
+ </dd>
+ </dl>
</section>
<section anchor="tcp_comm" numbered="true" toc="default">
<name>TCP communicators</name>
<t>
FIXME
</t>
+ <figure anchor="figure_tcp_handshake_sig" title="The wire format used
for creating the signature of the identification packet.">
+ <artwork name="" type="" align="left" alt=""><![CDATA[
+0 8 16 24 32 40 48 56
++-----+-----+-----+-----+-----+-----+-----+-----+
+| SIZE | PURPOSE (0x0X) |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| SENDER PEER ID |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| RECEIVER PEER ID |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| EPHEMERAL PUBLIC KEY |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| MONOTONIC TIMESTAMP |
+| |
+| |
+| |
+| |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| NONCE |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+ ]]></artwork>
+ </figure>
+ <dl>
+ <dt>SIZE</dt>
+ <dd>
+ A 32-bit value containing the length of the signed data in bytes
+ in network byte order.
+ </dd>
+ <dt>PURPOSE</dt>
+ <dd>
+ A 32-bit signature purpose flag in network byte order. The value of
this
+ field <bcp14>MUST</bcp14> be XXXX. It defines the context in which
+ the signature is created so that it cannot be reused in other parts
+ of the protocol including possible future extensions.
+ The value of this field corresponds to an entry in the
+ GANA "GNUnet Signature Purpose" registry <xref target="gana"/>.
+ </dd>
+ <dt>SENDER PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>RECEIVER PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>EPHEMERAL PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>MONOTONIC TIMESTAMP</dt>
+ <dd>
+ FIXME.
+ </dd>
+ <dt>NONCE</dt>
+ <dd>
+ A 256-bit random value.
+ </dd>
+ </dl>
+ <figure anchor="figure_tcp_handshake_ack_sig" title="The wire format
used for creating the response for the identification packet.">
+ <artwork name="" type="" align="left" alt=""><![CDATA[
+0 8 16 24 32 40 48 56
++-----+-----+-----+-----+-----+-----+-----+-----+
+| SIZE | PURPOSE (0x0X) |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| SENDER PEER ID |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| RECEIVER PEER ID |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| MONOTONIC TIMESTAMP |
+| |
+| |
+| |
+| |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| NONCE |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+ ]]></artwork>
+ </figure>
+ <dl>
+ <dt>SIZE</dt>
+ <dd>
+ A 32-bit value containing the length of the signed data in bytes
+ in network byte order.
+ </dd>
+ <dt>PURPOSE</dt>
+ <dd>
+ A 32-bit signature purpose flag in network byte order. The value of
this
+ field <bcp14>MUST</bcp14> be XXXX. It defines the context in which
+ the signature is created so that it cannot be reused in other parts
+ of the protocol including possible future extensions.
+ The value of this field corresponds to an entry in the
+ GANA "GNUnet Signature Purpose" registry <xref target="gana"/>.
+ </dd>
+ <dt>SENDER PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>RECEIVER PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>MONOTONIC TIMESTAMP</dt>
+ <dd>
+ FIXME.
+ </dd>
+ <dt>NONCE</dt>
+ <dd>
+ A 256-bit random value.
+ </dd>
+ </dl>
</section>
<section anchor="quic_comm" numbered="true" toc="default">
<name>QUIC communicator</name>
<t>
- FIXME
+ The QUIC <xref target="RFC9000"/> communicator uses TLS-over-QUIC
+ for a baseline layer of metadata protection.
+ Peers use self-signed certificates and corresponding public-private
+ key pairs when establishing a TLS channel.
+ No trust anchors are used to verify the trustworthiness and authenticity
+ of the identities in the TLS certificates.
+ However, QUIC communicators <bcp14>MUST</bcp14> provide a signature
+ using the peer private key over the certificate used in the TLS
+ key exchange.
</t>
+<figure anchor="figure_quic_idproof" title="The binary representation of the
initial identification packet">
+ <artwork name="" type="" align="left" alt=""><![CDATA[
+0 8 16 24 32 40 48 56
++-----+-----+-----+-----+-----+-----+-----+-----+
+| |
+| PEER ID |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+| |
+| SIGNATURE |
+| |
+| |
+| |
+| |
+| |
+| |
++-----+-----+-----+-----+-----+-----+-----+-----+
+ ]]></artwork>
+ </figure>
+ <dl>
+ <dt>PEER ID</dt>
+ <dd>
+ A 256-bit EdDSA public key.
+ </dd>
+ <dt>SIGNATURE</dt>
+ <dd>
+ The EdDSA signature is computed with the peer private key
+ over the DER-encoded TLS
+ certificate of the peer along with a pseudo-header
+ as detailed in <xref target="figure_quic_idproof_sig"/>.
+ </dd>
+ </dl>
+ <figure anchor="figure_quic_idproof_sig" title="The wire format used
for creating the signature of the identification packet.">
+ <artwork name="" type="" align="left" alt=""><![CDATA[
+0 8 16 24 32 40 48 56
++-----+-----+-----+-----+-----+-----+-----+-----+
+| SIZE | PURPOSE (0x0TODO)|
++-----+-----+-----+-----+-----+-----+-----+-----+
+| DER-encoded public key certificate |
+/ /
+/ /
++-----+-----+-----+-----+-----+-----+-----+-----+
+ ]]></artwork>
+ </figure>
+ <dl>
+ <dt>SIZE</dt>
+ <dd>
+ A 32-bit value containing the length of the signed data in bytes
+ in network byte order.
+ </dd>
+ <dt>PURPOSE</dt>
+ <dd>
+ A 32-bit signature purpose flag in network byte order. The value of
this
+ field <bcp14>MUST</bcp14> be XXXX. It defines the context in which
+ the signature is created so that it cannot be reused in other parts
+ of the protocol including possible future extensions.
+ The value of this field corresponds to an entry in the
+ GANA "GNUnet Signature Purpose" registry <xref target="gana"/>.
+ </dd>
+ <dt>EXPIRATION</dt>
+ <dd>
+ Field as defined in the RRBLOCK message above.
+ </dd>
+ <dt>BDATA</dt>
+ <dd>Field as defined in the RRBLOCK message above.</dd>
+ </dl>
</section>
</section>
<section anchor="security" numbered="true" toc="default">
@@ -285,6 +602,7 @@
<name>Normative References</name>
&RFC2119;
&RFC8174;
+ &RFC9000;
</references>
<references>
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [lsd0007] branch master updated: Update,
gnunet <=