-
Notifications
You must be signed in to change notification settings - Fork 993
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Need to know the expected PublicKey in upgrades #882
Comments
One idea would be to pass the expected public key to However this raises questions:
|
I'd expect you know this, but.. We only need one party A to know the public key of the other party B, because the handshake can send A's public key to B encrypted behind ee and es key exchanges. We've slightly different handshakes that determine if A or B initiates the connection. |
#888 has been merged but is not usable in practice because of this issue. |
@tomaka, It depends on the handshake pattern. One could use XX for instance which works without pre-shared static keys. The IK pattern of course requires this issue to be resolved first. |
Closing in favor of #2946. |
When negotiating the encryption protocol, we can remove one roundtrip by knowing the public key of the remote in advance. This requires some changes in the APIs.
cc #881
The text was updated successfully, but these errors were encountered: