lsd0007

LSD0007: GNUnet communicators

commit e2177e7c6dfa54e933864ed49758c7dfdc1b39d5
parent 8403a27d942f5179b77b29c4c78e869084169a13
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date:   Mon, 12 Aug 2024 13:49:43 +0200

remove quic for now

Diffstat:
M draft-gnunet-communicators.xml | 81 -------------------------------------------------------------------------------
1 file changed, 0 insertions(+), 81 deletions(-)

diff --git a/draft-gnunet-communicators.xml b/draft-gnunet-communicators.xml 
@@ -1333,87 +1333,6 @@ SetupCipher(REC_ID, MSK): </dl> </section> </section> - <section anchor="quic_comm" numbered="true" toc="default"> - <name>QUIC communicator</name> - <t> - The QUIC <xref target="RFC9000"/> communicator uses TLS-over-QUIC - for a baseline layer of metadata protection. - Peers use self-signed certificates and corresponding public-private - key pairs when establishing a TLS channel. - No trust anchors are used to verify the trustworthiness and authenticity - of the identities in the TLS certificates. - However, QUIC communicators <bcp14>MUST</bcp14> provide a signature - using the peer private key over the certificate used in the TLS - key exchange. - </t> -<figure anchor="figure_quic_idproof" title="The binary representation of the initial identification packet"> - <artwork name="" type="" align="left" alt=""><![CDATA[ -0 8 16 24 32 40 48 56 -+-----+-----+-----+-----+-----+-----+-----+-----+ -| | -| PEER ID | -| | -| | -+-----+-----+-----+-----+-----+-----+-----+-----+ -| | -| SIGNATURE | -| | -| | -| | -| | -| | -| | -+-----+-----+-----+-----+-----+-----+-----+-----+ - ]]></artwork> - </figure> - <dl> - <dt>PEER ID</dt> - <dd> - A 256-bit EdDSA public key. - </dd> - <dt>SIGNATURE</dt> - <dd> - The EdDSA signature is computed with the peer private key - over the DER-encoded TLS - certificate of the peer along with a pseudo-header - as detailed in <xref target="figure_quic_idproof_sig"/>. 
- </dd> - </dl> - <figure anchor="figure_quic_idproof_sig" title="The wire format used for creating the signature of the identification packet."> - <artwork name="" type="" align="left" alt=""><![CDATA[ -0 8 16 24 32 40 48 56 -+-----+-----+-----+-----+-----+-----+-----+-----+ -| SIZE | PURPOSE (0x0TODO)| -+-----+-----+-----+-----+-----+-----+-----+-----+ -| DER-encoded public key certificate | -/ / -/ / -+-----+-----+-----+-----+-----+-----+-----+-----+ - ]]></artwork> - </figure> - <dl> - <dt>SIZE</dt> - <dd> - A 32-bit value containing the length of the signed data in bytes - in network byte order. - </dd> - <dt>PURPOSE</dt> - <dd> - A 32-bit signature purpose flag in network byte order. The value of this - field <bcp14>MUST</bcp14> be XXXX. It defines the context in which - the signature is created so that it cannot be reused in other parts - of the protocol, including possible future extensions. - The value of this field corresponds to an entry in the - GANA "GNUnet Signature Purpose" registry <xref target="GANA"/>. - </dd> - <dt>EXPIRATION</dt> - <dd> - Field as defined in the RRBLOCK message above. - </dd> - <dt>BDATA</dt> - <dd>Field as defined in the RRBLOCK message above.</dd> - </dl> - </section> <section anchor="security" numbered="true" toc="default"> <name>Security and Privacy Considerations</name> <section anchor="security_kem" numbered="true" toc="default">
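
Review bot: The deleted section defines the anchors quic_comm, figure_quic_idproof and figure_quic_idproof_sig and cites RFC9000, and this commit consists of this single hunk, so any xref to those anchors elsewhere in the draft would now dangle, and an RFC9000 reference entry with no other citation would be left unused; worth checking the rest of draft-gnunet-communicators.xml before merging. Because the message says "for now", it would also help to record what has to be resolved before the text comes back: the PURPOSE value is still a placeholder ("0x0TODO" in the figure, "MUST be XXXX" in its definition), so the signature over the DER-encoded certificate has no assigned GANA purpose yet, and the second definition list describes EXPIRATION and BDATA "as defined in the RRBLOCK message above", fields that do not appear in the signature figure.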