New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
per-session cryptography key pair in CapTP layer? #53
Comments
I will also add that in addition to it just feeling silly, it forces a hard-dependency on some crypto libraries where they aren't really needed. E.g. if you wanted to have a netlayer that let a js client running in a browser talk to the server over a (TLS) websocket, pulling in an ed25519 signature implementation would bloat bundle size for no reason but spec compliance. |
I just want to add some more information here. The crypto stuff is fairly limited in scope and is really only required for third party handoffs. I think we could push this down into the netlayer and there might be better ways to do it based on the context the netlayer is operating under. For example for unix sockets on the same machine, perhaps this could be done with passing around anonymous file handlers through the connection. I think it'd be good if we could explore this. We do need to ensure there is a secure way to perform third party handoffs though and I suspect most netlayers may need something like the certificate handoff solution that exists today. |
I'd encourage folks looking over https://github.com/capnproto/capnproto/blob/455824528cd01268d4f9491a0df961c9a3678852/c%2B%2B/src/capnp/rpc.capnp#L1411-L1512, which sketches a possible way to abstract out the netlayer (which the comments call a "vat network"). |
Per discussion, at the meeting, I'm going to assign some folks to request that they read over the above, as a starting point for how this might be abstracted out. |
(Note: if folks from various stakeholder projects want to reassign who from their team is going to look at this, please do; I picked some folks relatively arbitrarily). |
I’m on the hook to review this. I’m also barely qualified to review this. I can say immediately, despite lack of qualification, that I favor a layering like:
I don’t know the layer that works best for authentication. I doubt we get it from TLS and self-signed certs. It seems like a concern that touches upon the bottom-most and top-most layers of O’Cap’n although completely orthogonal to the middle, and I’m eager to understand more about Goblins’s design choices. |
I broadly agree with your outline. (5) in particular gets at what I feel so strongly about here: the basic point-to-point rpc stuff should be as independent as possible from the layers above & below it. This means in particular that any messages relating to connection setup should be pushed down into (2), and may simply not be required for some netlayers. The way capnp is specified, you have an interesting situation where (2) and (6) likely care about each other, but the layers in between do not. tangent: it would be nice if we had different terminology for what capnp calls bootstrap vs. what E called NonceLocator -- goblins seems to be using bootstrap to refer to the latter, but as you described there's an "application" bootstrap object, which is what capnp uses the term for. |
Thanks @zenhack, evoking “nonce locator” was useful. Agoric’s CapTP also names “bootstrap” the first object presented to the connection on either side (if requested by the other side!), which is clearly how we would necessarily present the nonce locator to the wire. So, I can see how we would arrive at a conflation of terms. I propose a strawpoke:
At Agoric, currently the bootstrap object is always the public facet, if there is one. I figure we have a few layering options. Currently in Agoric CapTP,
|
The same is true of capnp. Some things to note:
|
Hey, Sorry it took me so long to get to this, I've had a lot going on this month. I've looked at the RPC document you linked and if I'm understanding it correctly it seems like it's putting creating connections and "handing off" connections into the netlayer. This is obviously connections, not objects, such as in the case of 3PH, however I think there can be a few things here to note. We could do something similar and have all the 3PH lifted from the CapTP spec and put instead into the netlayer spec and have this part of their domain. If I try and think of how we could do this, I could imagine that each netlayer has the following:
In addition to this, if the netlayer would like it could provide:
This would allow in-band 3PH to use a better mechanism one exists and can be used, but when performing a handoff to a node using a different netlayer it has the universal certificate mechanism that is netlayer agnostic. There could be situations where a node only supports one netlayer type and thus doesn't want to support the out-of-band mechanisms and that'd be okay too. WYDT? |
I cannot proceed without first acknowledging that we shall sorely miss @zenhack and I for one wish to honor his participation by continuing to make progress in this endeavor mindful of their vision. @tsyesika I like this outline except that @warner and I concur that we actually do want to select a particular set of cryptographic algorithms such that any hand-off denotes a single (signer key, signer assigned identifier) pair such that a difference in transport cannot confuse the identity of a hand-off object. The layering we’re imaging looks like:
And a connection hint consists of a full reckoning of the combination of VatTP layers and an address specific to that combination. |
As noted in #42 (comment) , the Agoric CapTP API doesn't use a session key pair.
@tsyesika writes:
@zenhack writes:
The text was updated successfully, but these errors were encountered: