secure transport a bit fmt, still mess tho

This commit is contained in:
Oskar Thoren 2019-08-29 12:45:43 +02:00
parent 0d0ad4606a
commit 93c631dd5b
No known key found for this signature in database
GPG Key ID: B2ECCFD3BC2EF77E
1 changed files with 43 additions and 7 deletions

View File

@ -4,6 +4,43 @@
> >
> Author: Andrea Piana <andreap@status.im>, Pedro Pombeiro <pedro@status.im>, Corey Petty <corey@status.im>, Oskar Thorén <oskar@status.im> > Author: Andrea Piana <andreap@status.im>, Pedro Pombeiro <pedro@status.im>, Corey Petty <corey@status.im>, Oskar Thorén <oskar@status.im>
## Abstract
TBD.
## Table of Contents
- [Abstract](#abstract)
- [Table of Contents](#table-of-contents)
- [1. Introduction](#1-introduction)
- [1.1. Definitions](#11-definitions)
- [1.2. Design Requirements](#12-design-requirements)
- [1.3. Conventions](#13-conventions)
- [1.4. Transport Layer](#14-transport-layer)
- [1.5. User flow for 1-to-1 communications](#15-user-flow-for-1-to-1-communications)
- [1.5.1. Account generation](#151-account-generation)
- [1.5.2. Account recovery](#152-account-recovery)
- [2. Messaging](#2-messaging)
- [2.1. End-to-end encryption](#21-end-to-end-encryption)
- [2.2. Prekeys](#22-prekeys)
- [2.3. Bundle retrieval](#23-bundle-retrieval)
- [2.4. 1:1 chat contact request](#24-11-chat-contact-request)
- [2.4.1. Initial key exchange flow (X3DH)](#241-initial-key-exchange-flow-x3dh)
- [2.4.2. Double Ratchet](#242-double-ratchet)
- [3. Session Management](#3-session-management)
- [3.1 Initialization](#31-initialization)
- [3.2 Concurrent sessions](#32-concurrent-sessions)
- [3.3 Re-keying](#33-re-keying)
- [4. Multi-device support](#4-multi-device-support)
- [4.1 Pairing](#41-pairing)
- [4.2 Sending messages to a paired group](#42-sending-messages-to-a-paired-group)
- [4.3 Account recovery](#43-account-recovery)
- [4.4 Partitioned devices](#44-partitioned-devices)
- [Trust establishment](#trust-establishment)
- [-](#-)
- [3.4 Expired session](#34-expired-session)
- [4.3 Stale devices](#43-stale-devices)
- [5. Security Considerations](#5-security-considerations)
## 1. Introduction ## 1. Introduction
@ -306,13 +343,7 @@ Account recovery is no different from adding a new device, and it is handled in
In some cases (i.e. account recovery when no other pairing device is available, device not paired), it is possible that a device will receive a message that is not targeted to its own `installation-id`. In some cases (i.e. account recovery when no other pairing device is available, device not paired), it is possible that a device will receive a message that is not targeted to its own `installation-id`.
In this case an empty message containing bundle information is sent back, which will notify the receiving end of including this device in any further communication. In this case an empty message containing bundle information is sent back, which will notify the receiving end of including this device in any further communication.
# 5. Security Considerations ## Trust establishment
The same considerations apply as in [section 4 of the X3DH spec](https://signal.org/docs/specifications/x3dh/#security-considerations) and [section 6 of the Double Ratchet spec](https://signal.org/docs/specifications/doubleratchet/#security-considerations), with some additions detailed below.
<!-- TODO: Add any additional context here not covered in the X3DH and DR specs -->
## 1. Introduction
#### 1.5.x. Contact request #### 1.5.x. Contact request
@ -339,6 +370,11 @@ Expired session should not be used for new messages and should be deleted after
When a bundle is received from $IK$ a timer is initiated on any `installation-id` belonging to $IK$ not included in the bundle. If after 7 days no bundles are received from these devices they are marked as `stale` and no message will be sent to them. When a bundle is received from $IK$ a timer is initiated on any `installation-id` belonging to $IK$ not included in the bundle. If after 7 days no bundles are received from these devices they are marked as `stale` and no message will be sent to them.
# 5. Security Considerations
The same considerations apply as in [section 4 of the X3DH spec](https://signal.org/docs/specifications/x3dh/#security-considerations) and [section 6 of the Double Ratchet spec](https://signal.org/docs/specifications/doubleratchet/#security-considerations), with some additions detailed below.
<!-- TODO: Add any additional context here not covered in the X3DH and DR specs -->
<!-- <!--
TODO: description here TODO: description here