Custom length certificate changes #21

Stebalien · 2018-07-13T09:51:08Z

Currently, we require length two chains where the bottom key (the one used directly in the handshake) is ephemeral. However, RSA signature verification is a bit expensive, especially when rapidly forming many connections (e.g., in the DHT).

It would be nice if we could instead make this configurable:

By default, we'd start out with this two key system.
By default, we'd allow anywhere from 1 to 4 certificates in the chain (restricted to 4 to prevent clients from tricking servers into validating long certificate chains).

Motivation:

Certificate verification can be expensive (depending on the algorithm).
In the future, peers will likely have an outer "ephemeral" peer ID (generated on boot) and will likely negotiate additional sub-peer IDs later (per application). When using these ephemeral peer IDs, the current two-certificate system doesn't provide any additional security.

Stebalien · 2018-11-21T00:24:34Z

Deprecated in favor of ephemeral IDs from the start.

Stebalien added the kind/enhancement A net-new feature or improvement to an existing feature label Jul 13, 2018

This was referenced Nov 14, 2018

Explicitly note certificate "purpose" (the subject) #23

Closed

only use a single certificate [do not merge] #37

Closed

ghost assigned marten-seemann Nov 15, 2018

ghost added the status/in-progress In progress label Nov 15, 2018

Stebalien closed this as completed Nov 21, 2018

ghost removed the status/in-progress In progress label Nov 21, 2018

Stebalien reopened this Dec 3, 2018

Stebalien closed this as completed Dec 3, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Custom length certificate changes #21

Custom length certificate changes #21

Stebalien commented Jul 13, 2018

Stebalien commented Nov 21, 2018

Custom length certificate changes #21

Custom length certificate changes #21

Comments

Stebalien commented Jul 13, 2018

Stebalien commented Nov 21, 2018