new title

Here is the sub forum used for talking about ideas, implementations and suggestions or typical guidelines.

Further info on extension or the protocol is found at our Wiki
Locked
Aloraahigh
Newbie
Posts: 1
Joined: 13 Apr 2015, 12:52

new title

Post by Aloraahigh » 13 Apr 2015, 13:09

Here are the first proposed extensions PIDK, allowing the derivation of shared keys through the hub from the user PIDs and ECID allowing for the use of elliptic curve cryptography to identify clients (including MITM avoidance when using SSL connections).

Crise
Senior Member
Posts: 139
Joined: 10 Nov 2007, 21:34

Re: new title

Post by Crise » 13 Apr 2015, 14:15

Where exactly are these proposed extensions, I see neither links or attachments in your post.

Regarding MITM that is already covered by a pre-existing extension (ie. KEYP), however, I do concur that the current state of the implementation needs some more work in that a) certificate validity periods fluctuate a lot (from 10 days to one year and b) clients to my knowledge currently has no implementation for hot swapping its certificate when it does expire.

Without seeing anything you have worked up, I will say this much... anything that deals with PID directly has to be cryptographically irreversible and safe. Anything that can be translated back to a users PID can not be transmitted over the network to other users.

Locked