status-im/specs
2
0
Fork 0
mirror of https://github.com/status-im/specs.git synced 2025-02-19 17:34:20 +00:00
Code Issues Projects Releases Wiki Activity

consolidated security considerations

Browse Source
This commit is contained in:
Corey 2020-03-26 08:18:08 -04:00 committed by Oskar Thoren
parent d59df127a8
commit 6b29e5e038
No known key found for this signature in database
GPG Key ID: B2ECCFD3BC2EF77E
1 changed files with 3 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
status-client-spec.md
View File

@ -36,7 +36,6 @@ have to be implemented in order to be a full Status client. The second gives a d
- [Payloads and clients](#payloads-and-clients) - [Payloads and clients](#payloads-and-clients)
- [BIPs and EIPs Standards support](#bips-and-eips-standards-support) - [BIPs and EIPs Standards support](#bips-and-eips-standards-support)
- [Security Considerations](#security-considerations) - [Security Considerations](#security-considerations)
- [Censorship-resistance](#censorship-resistance)
- [Design Rationale](#design-rationale) - [Design Rationale](#design-rationale)
- [P2P Overlay](#p2p-overlay-1) - [P2P Overlay](#p2p-overlay-1)
- [Why devp2p? Why not use libp2p?](#why-devp2p-why-not-use-libp2p) - [Why devp2p? Why not use libp2p?](#why-devp2p-why-not-use-libp2p)
@ -53,7 +52,7 @@ have to be implemented in order to be a full Status client. The second gives a d
- [Scalability and UX](#scalability-and-ux) - [Scalability and UX](#scalability-and-ux)
- [Privacy](#privacy) - [Privacy](#privacy)
- [Spam resistance](#spam-resistance) - [Spam resistance](#spam-resistance)
- [Censorship resistance](#censorship-resistance-1) - [Censorship resistance](#censorship-resistance)
- [Acknowledgements](#acknowledgements) - [Acknowledgements](#acknowledgements)
## Introduction ## Introduction
@ -224,15 +223,6 @@ see [Status EIPs Standards](status-EIPs.md).
See [Appendix A](#appendix-a-security-considerations) See [Appendix A](#appendix-a-security-considerations)
### Censorship-resistance
With default settings Whisper over DevP2P runs on odd ports in 30k range, which
are easy to block. One workaround for this is to run ports on 443. This doesn't
take care of all cases though, and this quickly leads into efforts such as
obfuscated transports a la Tor.
See https://github.com/status-im/status-react/issues/6351 for some discussion.
## Design Rationale ## Design Rationale
### P2P Overlay ### P2P Overlay
@ -383,4 +373,6 @@ A mailserver has a direct TCP connection, which means they are trusted to send t
By default Devp2p runs on port `30303`, which is not commonly used for any other service. This means it is easy to censor, e.g. airport WiFi. This can be mitigated somewhat by running on e.g. port `80` or `443`, but there are still outstanding issues. See libp2p and Tor's Pluggable Transport for how this can be improved. By default Devp2p runs on port `30303`, which is not commonly used for any other service. This means it is easy to censor, e.g. airport WiFi. This can be mitigated somewhat by running on e.g. port `80` or `443`, but there are still outstanding issues. See libp2p and Tor's Pluggable Transport for how this can be improved.
See https://github.com/status-im/status-react/issues/6351 for some discussion.
## Acknowledgements ## Acknowledgements