-
Notifications
You must be signed in to change notification settings - Fork 106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RFC-11 : Add key identifier to ITP Header #54
Comments
I think this idea could be rolled together with the It's possible that a receiver may wish to maintain multiple secrets/keys This may be because the receiver wishes to have different keys per sender It's common practice for entities like the receiver to store these keys The receiver then uses this index to look up the key so it can recreate the To do this, it must provide the key identifier to the sender in the Add a new field to the ITP header — |
Yep, that would do it. I'd call that something like By the way, would we consider these fields as "additions" to the core ILP Header fields? i.e. Are they siblings. This matters in terms of consistent normalization for the sake of getting a canonical version of the data for signing. Also, maybe rename |
It's a bit confusing to call it The ILP Packet needs a way to attach other headers, which would include this one. We should probably have a way to indicate which headers may change en route (maybe taking some inspiration from how it's done in IPv6) so that they are left out when hashing. I don't have a super strong preference between |
It's not clear to me how we will do the "combine" step with the ITP header and the ILP Header which may be the issue. Will all the fields be namespaced somehow? i.e. Wouldn't it be easy to tell which data comes from the receiver? |
They wouldn't be combined, you would have an ILP Header, and ITP Header, and some others. The packet just needs a way for these different headers to be packed next to one another. |
Could you please explain the motivation for this?
👍 |
Right, where is that "way for these different headers to be packed next to one another" defined because for the following steps to be repeated consistently that tneeds to be a well defined process
I think it used to be defined in RFC 3 but is not longer there. |
It's common in payments systems for symmetric keys like this to be partitioned. Usually by intended use (PIN encryption, vs MACing etc) and then by partner system or terminal. This means that if the key gets compromised the damage is limited. Even if the receiver always uses the same key they may want to change this at some point but will want to keep the old key "alive" for a short time to ensure any payments in flight can still be processed. To do this they need to know, when they receive a payment, which key was used to generate the condition. |
It's possible that a receiver may wish to maintain multiple secrets/keys for use in generating the pre-image for ITP payments.
This may be because the receiver wishes to have different keys per sender or just keep old keys alive for a short period after rotating to a new key.
It's common practice for entities like the receiver to store these keys securely index by some unique identifier (even just a numeric counter/index).
The receiver then uses this index to look up the key so it can recreate the the fulfillment after receiving a payment.
To do this, it must provide the key identifier to the sender in the original payment request (Interledger Packet) and the sender must send this in the subsequent payment.
PROPOSAL:
Add a new field to the ITP header
The text was updated successfully, but these errors were encountered: