< draft-hallambaker-mesh-architecture-08.txt   draft-hallambaker-mesh-architecture-09.txt >
Network Working Group P. Hallam-Baker Network Working Group P. Hallam-Baker
Internet-Draft July 3, 2019 Internet-Draft July 8, 2019
Intended status: Informational Intended status: Informational
Expires: January 4, 2020 Expires: January 9, 2020
Mathematical Mesh 3.0 Part I: Architecture Guide Mathematical Mesh 3.0 Part I: Architecture Guide
draft-hallambaker-mesh-architecture-08 draft-hallambaker-mesh-architecture-09
Abstract Abstract
The Mathematical Mesh 'The Mesh' is an end-to-end secure The Mathematical Mesh 'The Mesh' is an end-to-end secure
infrastructure that makes computers easier to use by making them more infrastructure that makes computers easier to use by making them more
secure. The Mesh provides a set of protocol and cryptographic secure. The Mesh provides a set of protocol and cryptographic
building blocks that enable encrypted data stored in the cloud to be building blocks that enable encrypted data stored in the cloud to be
accessed, managed and exchanged between users with the same or better accessed, managed and exchanged between users with the same or better
ease of use than traditional approaches which leave the data ease of use than traditional approaches which leave the data
vulnerable to attack. vulnerable to attack.
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 4, 2020. This Internet-Draft will expire on January 9, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 6 skipping to change at page 3, line 6
4.5.2. Dare Container . . . . . . . . . . . . . . . . . . . 21 4.5.2. Dare Container . . . . . . . . . . . . . . . . . . . 21
4.6. Uniform Data Fingerprints. . . . . . . . . . . . . . . . 22 4.6. Uniform Data Fingerprints. . . . . . . . . . . . . . . . 22
4.6.1. Friendly Names . . . . . . . . . . . . . . . . . . . 23 4.6.1. Friendly Names . . . . . . . . . . . . . . . . . . . 23
4.6.2. Encrypted Authenticated Resource Locators . . . . . . 23 4.6.2. Encrypted Authenticated Resource Locators . . . . . . 23
4.6.3. Secure Internet Names . . . . . . . . . . . . . . . . 24 4.6.3. Secure Internet Names . . . . . . . . . . . . . . . . 24
4.7. Personal Key Escrow . . . . . . . . . . . . . . . . . . . 24 4.7. Personal Key Escrow . . . . . . . . . . . . . . . . . . . 24
5. User Experience . . . . . . . . . . . . . . . . . . . . . . . 26 5. User Experience . . . . . . . . . . . . . . . . . . . . . . . 26
5.1. Creating a Mesh Profile and Administration Device. . . . 27 5.1. Creating a Mesh Profile and Administration Device. . . . 27
5.2. Mesh Accounts . . . . . . . . . . . . . . . . . . . . . . 27 5.2. Mesh Accounts . . . . . . . . . . . . . . . . . . . . . . 27
5.3. Mesh Service . . . . . . . . . . . . . . . . . . . . . . 28 5.3. Mesh Service . . . . . . . . . . . . . . . . . . . . . . 28
5.4. Connecting and Authorizing Additional Devices . . . . . . 28 5.4. Connecting and Authorizing Additional Devices . . . . . . 29
5.4.1. Direct Connection . . . . . . . . . . . . . . . . . . 29 5.4.1. Direct Connection . . . . . . . . . . . . . . . . . . 29
5.4.2. Pin Connection . . . . . . . . . . . . . . . . . . . 30 5.4.2. Pin Connection . . . . . . . . . . . . . . . . . . . 30
5.4.3. EARL/QR Code Connection . . . . . . . . . . . . . . . 31 5.4.3. EARL/QR Code Connection . . . . . . . . . . . . . . . 31
5.5. Contact Requests . . . . . . . . . . . . . . . . . . . . 32 5.5. Contact Requests . . . . . . . . . . . . . . . . . . . . 32
5.5.1. Remote . . . . . . . . . . . . . . . . . . . . . . . 32 5.5.1. Remote . . . . . . . . . . . . . . . . . . . . . . . 33
5.5.2. Static QR Code . . . . . . . . . . . . . . . . . . . 33 5.5.2. Static QR Code . . . . . . . . . . . . . . . . . . . 33
5.5.3. Dynamic QR Code . . . . . . . . . . . . . . . . . . . 33 5.5.3. Dynamic QR Code . . . . . . . . . . . . . . . . . . . 33
5.6. Sharing Confidential Data in the Cloud . . . . . . . . . 33 5.6. Sharing Confidential Data in the Cloud . . . . . . . . . 34
5.7. Escrow and Recovery of Keys . . . . . . . . . . . . . . . 35 5.7. Escrow and Recovery of Keys . . . . . . . . . . . . . . . 36
6. Security Considerations . . . . . . . . . . . . . . . . . . . 36 6. Security Considerations . . . . . . . . . . . . . . . . . . . 36
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 36 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 37
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 36 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 37
9.1. Normative References . . . . . . . . . . . . . . . . . . 37 9.1. Normative References . . . . . . . . . . . . . . . . . . 37
9.2. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 38 9.2. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 40 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 40
1. Introduction 1. Introduction
The Mathematical Mesh (Mesh) is a user centered Public Key The Mathematical Mesh (Mesh) is a user centered Public Key
Infrastructure that uses cryptography to make computers easier to Infrastructure that uses cryptography to make computers easier to
use. The Mesh provides an infrastructure that addresses the three use. The Mesh provides an infrastructure that addresses the three
concerns that have proved obstacles to the use of end-to-end security concerns that have proved obstacles to the use of end-to-end security
skipping to change at page 6, line 26 skipping to change at page 6, line 26
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119] . document are to be interpreted as described in RFC 2119 [RFC2119] .
2.4. Implementation Status 2.4. Implementation Status
The implementation status of the reference code base is described in The implementation status of the reference code base is described in
the companion document [draft-hallambaker-mesh-developer] . the companion document [draft-hallambaker-mesh-developer] .
The examples in this document were created on 7/8/2019 4:00:22 PM.
Out of 169 examples, 69 were not functional.
[Note: Example data is now being produced using the mesh command line
tool which is currently substantially less complete than the Mesh
reference code it is intended to provide an interface to. As a
result, the documentation currently lags the code by more than is
usual.]
3. Architecture 3. Architecture
The Mathematical Mesh (Mesh) is a user centered Public Key The Mathematical Mesh (Mesh) is a user centered Public Key
Infrastructure that uses cryptography to make computers easier to Infrastructure that uses cryptography to make computers easier to
use. This document describes version 3.0 of the Mesh architecture use. This document describes version 3.0 of the Mesh architecture
and protocols. and protocols.
For several decades, it has been widely noted that most users are For several decades, it has been widely noted that most users are
either unwilling or unable to make even the slightest efforts to either unwilling or unable to make even the slightest efforts to
protect their security, still less those of other parties. Yet protect their security, still less those of other parties. Yet
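Review bot: The creation timestamp added to section 2.4, "7/8/2019 4:00:22 PM", can be read as 8 July or 7 August and has no time zone. The PIN expiry shown later in this same revision uses "2019-07-09T16:00:13Z"; use that form here as well. The sentence "Out of 169 examples, 69 were not functional" would be more useful if the non-functional examples were marked where they occur, since a reader cannot otherwise tell a documented error from a tooling gap. The bracketed note is also hard to parse at "the Mesh reference code it is intended to provide an interface to"; consider splitting it into two sentences.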
skipping to change at page 22, line 42 skipping to change at page 22, line 42
The Uniform Data Fingerprint (UDF) format provides a compact means of The Uniform Data Fingerprint (UDF) format provides a compact means of
presenting cryptographic nonces, keys and digest values using Base32 presenting cryptographic nonces, keys and digest values using Base32
encoding that resists semantic substitution attacks. UDF provides a encoding that resists semantic substitution attacks. UDF provides a
convenient format for data entry. Since the encoding used is case- convenient format for data entry. Since the encoding used is case-
insensitive, UDFs may if necessary be read out over a voice link insensitive, UDFs may if necessary be read out over a voice link
without excessive inconvenience. without excessive inconvenience.
The following are examples of UDF values: The following are examples of UDF values:
NBLC-XNXJ-JEYQ-U3MK-JN2R-Q5U4-SSBQ ND2H-S6YN-5PEI-7VCC-EABR-WQLC-QVTQ
EAEO-XJC5-33UX-4VS6-6RCR-N7OI-EI6A EBYX-SP24-RAEZ-BYVG-FJEN-TNW6-EYQQ
SAQE-KWFO-YAMT-TAIA-PV66-36X4-RBHN-M SAQH-5KQR-XCVN-UVWY-OJNB-QTG3-MJSM-I
MB5S-R4AJ-3FBT-7NHO-T26Z-2E6Y-WFH4 MB5S-R4AJ-3FBT-7NHO-T26Z-2E6Y-WFH4
KCM5-7VB6-IJXJ-WKHX-NZQF-OKGZ-EWVN KCM5-7VB6-IJXJ-WKHX-NZQF-OKGZ-EWVN
AD2H-V6AG-KC5B-6DYX-DZR4-IBD5-4734 ADUE-MT5J-2IED-MT4Y-5C2B-7FK7-UJQW
UDF content digests are used to support a direct trust model similar UDF content digests are used to support a direct trust model similar
to that of OpenPGP. Every Mesh Profile is authenticated by the UDF to that of OpenPGP. Every Mesh Profile is authenticated by the UDF
fingerprint of its signature key. Mesh Friendly Names and UDF fingerprint of its signature key. Mesh Friendly Names and UDF
Fingerprints thus serve analogous functions to DNS names and IP Fingerprints thus serve analogous functions to DNS names and IP
Addresses. Like DNS names, Friendly Names provide the basis for Addresses. Like DNS names, Friendly Names provide the basis for
application-layer interactions while the UDF Fingerprints are used as application-layer interactions while the UDF Fingerprints are used as
to provide the foundation for security. to provide the foundation for security.
4.6.1. Friendly Names 4.6.1. Friendly Names
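Review bot: The six example UDF values in section 4.6 are listed without saying what each represents, although the paragraph above names three kinds of content (nonces, keys and digest values). Four of the six lines were regenerated in this revision and two were not, so a reader cannot tell which values are expected to be stable. Label each line with its type. In the unchanged paragraph that follows, "are used as to provide the foundation for security" should read "are used to provide".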
skipping to change at page 23, line 51 skipping to change at page 23, line 51
The Mesh supports a QR code connection mode employing the Encrypted The Mesh supports a QR code connection mode employing the Encrypted
Authenticated Resource Locator (EARL) format. An EARL is an Authenticated Resource Locator (EARL) format. An EARL is an
identifier which allows an encrypted data object to be retrieved and identifier which allows an encrypted data object to be retrieved and
decrypted. In this case, the encrypted data object contains the decrypted. In this case, the encrypted data object contains the
information needed to complete the interaction. information needed to complete the interaction.
An EARL contains the domain name of the service providing the An EARL contains the domain name of the service providing the
resolution service and an encryption master key: resolution service and an encryption master key:
udf://example.com/ECIB-AA3X-M4N2-6ZWN-PPKX-QS3L-NDDW-BX udf://example.com/EAQZ-QTRP-Z7NQ-2Y26-GFWX-FIN3-K55G-PE
The EARL may be expressed as a QR code: The EARL may be expressed as a QR code:
[[This figure is not viewable in this format. The figure is [[This figure is not viewable in this format. The figure is
available at http://mathmesh.com/Documents/draft-hallambaker-mesh- available at http://mathmesh.com/Documents/draft-hallambaker-mesh-
architecture.html [15].]] architecture.html [15].]]
QR Code representation of the EARL QR Code representation of the EARL
An EARL is resolved by presenting the content digest fingerprint of An EARL is resolved by presenting the content digest fingerprint of
the encryption key to a Web service hosted at the specified domain. the encryption key to a Web service hosted at the specified domain.
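Review bot: The example EARL in section 4.6.2 now reads udf://example.com/EAQZ-QTRP-Z7NQ-2Y26-GFWX-FIN3-K55G-PE, but the QR code figure beneath it is only referenced by URL, so nothing in this diff shows it was regenerated. Confirm that the figure encodes the new value; a QR code that still carries the -08 key would contradict the caption "QR Code representation of the EARL".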
skipping to change at page 27, line 24 skipping to change at page 27, line 24
Alice's personal Mesh. Alice's personal Mesh.
5.1. Creating a Mesh Profile and Administration Device. 5.1. Creating a Mesh Profile and Administration Device.
The first step in using the Mesh is to create a personal profile. The first step in using the Mesh is to create a personal profile.
From the user's point of view a profile is a collection of all the From the user's point of view a profile is a collection of all the
configuration data for all the Mesh enabled devices and services that configuration data for all the Mesh enabled devices and services that
they interact with. they interact with.
>profile create Alice> mesh create
Device Profile UDF=MBRF-BFUO-R765-3KQP-DXNK-TOGV-65YA Device Profile UDF=MCJW-G2VQ-OM3B-REPM-RRGA-MSIR-BWPH
Personal Profile UDF=MBYS-BF7J-OCV2-42M6-BWTH-2QUK-FZG3 Personal Profile UDF=MD2T-3WE6-TJAM-QU3C-CXGM-4EW4-4QDM
Note that the user does not specify the cryptographic algorithms to Note that the user does not specify the cryptographic algorithms to
use. Choice of cryptographic algorithm is primarily the concern of use. Choice of cryptographic algorithm is primarily the concern of
the protocol designer, not the user. The only circumstance in which the protocol designer, not the user. The only circumstance in which
users would normally be involved in algorithm selection is when there users would normally be involved in algorithm selection is when there
is a transition in progress from one algorithm suite to another. is a transition in progress from one algorithm suite to another.
5.2. Mesh Accounts 5.2. Mesh Accounts
[FIX **********************] Add an account to the personal Mesh:
Alice> account create personal
Account=MBUT-MZPM-4LXH-VV6D-HEFQ-LP7U-E5OX
A Mesh Catalog contains a set of entries, each of which has a unique A Mesh Catalog contains a set of entries, each of which has a unique
object identifier. Catalog entries may be added, updated or deleted. object identifier. Catalog entries may be added, updated or deleted.
By default, all catalog entries are encrypted. Applying the Default By default, all catalog entries are encrypted. Applying the Default
Deny principle, in normal circumstances, the Mesh Service is not Deny principle, in normal circumstances, the Mesh Service is not
capable of decrypting any catalog excepting the Contacts catalog capable of decrypting any catalog excepting the Contacts catalog
which is used as a source of authorization data in the Access Control which is used as a source of authorization data in the Access Control
applied to inbound messaging requests. applied to inbound messaging requests.
For example, the entries in the credentials catalog specify username For example, the entries in the credentials catalog specify username
and password credentials used to access Internet services. Adding and password credentials used to access Internet services. Adding
credentials to her catalog allows Alice to write scripts that access credentials to her catalog allows Alice to write scripts that access
password protected resources without including the passwords in the password protected resources without including the passwords in the
scripts themselves: scripts themselves:
>password add ftp.example.com alice1 password Alice> password add ftp.example.com alice1 password
ERROR - The feature has not been implemented alice1@ftp.example.com = [password]
>password add www.example.com alice@example.com newpassword Alice> password add www.example.com alice@example.com newpassword
ERROR - The feature has not been implemented alice@example.com@www.example.com = [newpassword]
>password get ftp.example.com Alice> password list
ERROR - The feature has not been implemented alice1@ftp.example.com = [password]
alice@example.com@www.example.com = [newpassword]
Alice> password add ftp.example.com alice1 newpassword
alice1@ftp.example.com = [newpassword]
Alice> password get ftp.example.com
alice1@ftp.example.com = [newpassword]
5.3. Mesh Service 5.3. Mesh Service
A Mesh Service provides an 'always available' point of presence that A Mesh Service provides an 'always available' point of presence that
is used to exchange data between devices connected to the connected is used to exchange data between devices connected to the connected
profile and send and receive Mesh Messages to and from other Mesh profile and send and receive Mesh Messages to and from other Mesh
users. users.
To use a Mesh Service, a user creates a Mesh Service account. This To use a Mesh Service, a user creates a Mesh Service account. This
is analogous to an SMTP email service but with the important is analogous to an SMTP email service but with the important
distinction that the protocol is designed to allow users to change distinction that the protocol is designed to allow users to change
their Mesh Service provider at any time they choose with minimal their Mesh Service provider at any time they choose with minimal
impact. impact.
The account is created by sending an account registration request to The account is created by sending an account registration request to
the chosen Mesh Service. If accepted, the Mesh Service creates a new the chosen Mesh Service. If accepted, the Mesh Service creates a new
account and creates containers to hold the associated catalogs and account and creates containers to hold the associated catalogs and
spools: spools:
>account add personal Alice> account register alice@example.com
ERROR - The command is not known. Account=MBUT-MZPM-4LXH-VV6D-HEFQ-LP7U-E5OX
As with any other Internet service provision, Mesh Service providers As with any other Internet service provision, Mesh Service providers
may impose constraints on the use of their service such as the amount may impose constraints on the use of their service such as the amount
of data they send, store and receive and charge a fee for their of data they send, store and receive and charge a fee for their
service. service.
5.4. Connecting and Authorizing Additional Devices 5.4. Connecting and Authorizing Additional Devices
Having established a Mesh profile, a user may connect any number of Having established a Mesh profile, a user may connect any number of
devices to it. Connecting a device to a Mesh profile allows it to devices to it. Connecting a device to a Mesh profile allows it to
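Review bot: The new output in section 5.2 prints stored secrets in clear, for example "alice1@ftp.example.com = [newpassword]" for add, list and get alike. The surrounding paragraph presents the credentials catalog as a way to keep passwords out of scripts, so say explicitly that this output is meant for a script to consume, or show list returning only the account identifiers and leave disclosure to get. The examples also pass the password as a command line argument ("password add ftp.example.com alice1 password"); mention a way to supply it without the value appearing in the command itself. Separately, sections 5.2 and 5.3 now both return Account=MBUT-MZPM-4LXH-VV6D-HEFQ-LP7U-E5OX from two different commands (account create personal, account register alice@example.com); state how the two steps relate.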
skipping to change at page 29, line 41 skipping to change at page 30, line 5
5.4.1. Direct Connection 5.4.1. Direct Connection
The direct connection mechanism requires that both the administration The direct connection mechanism requires that both the administration
device and the device originating the connection request have data device and the device originating the connection request have data
entry and output affordances and that it is possible for the user to entry and output affordances and that it is possible for the user to
compare the authentication codes presented by the two devices to compare the authentication codes presented by the two devices to
check that they are identical. check that they are identical.
The connection request is initiated on the device being connected: The connection request is initiated on the device being connected:
>device request alice@example.com Alice2> device request alice@example.com
ERROR - The feature has not been implemented Witness value = 46J6-M7HD-VH7E-CJ7I-EGM4-PNHS-HLD6
Personal Mesh = MD2T-3WE6-TJAM-QU3C-CXGM-4EW4-4QDM
Using her administration device, Alice gets a list of pending Using her administration device, Alice gets a list of pending
requests. Seeing that there is a pending request matching the requests. Seeing that there is a pending request matching the
witness value presented by the device, Alice accepts it: witness value presented by the device, Alice accepts it:
>device pending Alice> device pending
ERROR - The feature has not been implemented Alice> device accept NBPK-F7VR-TIUK-O3Z4-VD66-CDIM-TMZL
>device accept tbs
ERROR - The feature has not been implemented
Synchronizing the new device causes the connection request to be
completed:
>profile sync The new device will now synchronize automatically in response to any
Mesh commands. For example, listing the password catalog:
Alice2> password list
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
5.4.2. Pin Connection 5.4.2. Pin Connection
The PIN Connection mechanism is similar to the Direct connection The PIN Connection mechanism is similar to the Direct connection
mechanism except that the process is initiated on an administration mechanism except that the process is initiated on an administration
device by requesting assignment of a new authentication PIN. The PIN device by requesting assignment of a new authentication PIN. The PIN
is then input to the connecting device to authenticate the request. is then input to the connecting device to authenticate the request.
The PIN connection mechanism begins with the issue of the PIN: The PIN connection mechanism begins with the issue of the PIN:
>device pin Alice> account pin
ERROR - The feature has not been implemented PIN=NCQV-ICBJ-NHQ7-SFTN-YM (Expires=2019-07-09T16:00:13Z)
The PIN code is transmitted out of band to the device being The PIN code is transmitted out of band to the device being
connected: connected:
>device request alice@example.com /pin=tbs Alice3> device request alice@example.com /pin=NCQV-ICBJ-NHQ7-SFTN-YM
ERROR - The feature has not been implemented Witness value = NVVS-2JXM-GPBU-JIBZ-LO6G-3ZSQ-LHTP
Personal Mesh = MD2T-3WE6-TJAM-QU3C-CXGM-4EW4-4QDM
Since the request was pre-authorized, it is not necessary for Alice Since the request was pre-authorized, it is not necessary for Alice
to explicitly accept the connection request but the administration to explicitly accept the connection request but the administration
device is needed to create the connection assertion: device is needed to create the connection assertion:
>device pending Alice> device pending
ERROR - The feature has not been implemented
Synchronizing the new device completes the process as before: We can check the device connection by attempting to synchronize to
the profile account:
Alice3> account sync
ERROR - The feature has not been implemented
Note that this connection mechanism could be addapted to allow a Note that this connection mechanism could be addapted to allow a
device with a camera affordance to connect by scanning a QR code on device with a camera affordance to connect by scanning a QR code on
the administration device. the administration device.
>profile sync
ERROR - The feature has not been implemented
If the Device Profile fingerprint is known at the time the PIN is If the Device Profile fingerprint is known at the time the PIN is
generated, this can be bound to the PIN authorization assertion to generated, this can be bound to the PIN authorization assertion to
permit connection of a specific device. permit connection of a specific device.
5.4.3. EARL/QR Code Connection 5.4.3. EARL/QR Code Connection
The EARL/QR code connection mechanisms are used to connect a The EARL/QR code connection mechanisms are used to connect a
constrained device to a Mesh profile by means of an Encrypted constrained device to a Mesh profile by means of an Encrypted
Authenticated Resource Locator, typically presented as a QR code on Authenticated Resource Locator, typically presented as a QR code on
the device itself or its packaging. the device itself or its packaging.
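Review bot: In section 5.4.1 the text says Alice accepts the request "matching the witness value presented by the device", but the device shows "Witness value = 46J6-M7HD-VH7E-CJ7I-EGM4-PNHS-HLD6" while the new command is "device accept NBPK-F7VR-TIUK-O3Z4-VD66-CDIM-TMZL", and "device pending" prints nothing to compare against. Either show the pending list with the witness value in it or explain what identifier accept takes, because the comparison is the security step of this mechanism. The replacement text "The new device will now synchronize automatically" is followed by an ERROR line, as is "We can check the device connection" in 5.4.2, so neither example demonstrates what the sentence claims. In 5.4.2, "addapted" should be "adapted".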
skipping to change at page 31, line 24 skipping to change at page 31, line 31
command line parameter: command line parameter:
To use the device QR code connection mechanism, we require a Web To use the device QR code connection mechanism, we require a Web
service that will host the connection document example.com and a service that will host the connection document example.com and a
MeshService account that the device will attempt to complete the MeshService account that the device will attempt to complete the
connection by requesting synchronization devices@example.com. connection by requesting synchronization devices@example.com.
To begin the process we generate a new random key and combine it with To begin the process we generate a new random key and combine it with
the service to create an EARL: the service to create an EARL:
udf://example.com/ECIB-AA3X-M4N2-6ZWN-PPKX-QS3L-NDDW-BX udf://example.com/EAQZ-QTRP-Z7NQ-2Y26-GFWX-FIN3-K55G-PE
Next a device profile is created and preregistered on with the Mesh Next a device profile is created and preregistered on with the Mesh
Service that will provide the hailing service. Since we are only Service that will provide the hailing service. Since we are only
preparing one device it is convenient to do this on the device preparing one device it is convenient to do this on the device
itself. In a manufacturing scenario, these steps would typically be itself. In a manufacturing scenario, these steps would typically be
performed offline in bulk. performed offline in bulk.
>device pre devices@example.com /key=udf://example.com/ECIB-AA3X-M4N2-6ZWN-PPKX-QS3L-NDDW-BX Alice4> device pre devices@example.com /key=udf://example.com/EAQZ-QTRP-Z7NQ-2Y26-GFWX-FIN3-K55G-PE
ERROR - Object reference not set to an instance of an object. ERROR - Object reference not set to an instance of an object.
Once initialized the device attempts to poll the service for a Once initialized the device attempts to poll the service for a
connection each time it is powered on, when a connection button connection each time it is powered on, when a connection button
affordance on the device is pressed or at other times as agreed with affordance on the device is pressed or at other times as agreed with
the Mesh Service Provider: the Mesh Service Provider:
>profile sync Alice4> account sync
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
To connect the device to her profile, Alice scans the device with her To connect the device to her profile, Alice scans the device with her
administration device to obtain the UDF. The administration device administration device to obtain the UDF. The administration device
retrieves the connection description, decrypts it and then uses the retrieves the connection description, decrypts it and then uses the
information in the description to create the necessary Device information in the description to create the necessary Device
Connection Assertion and connect to the device hailing Mesh Service Connection Assertion and connect to the device hailing Mesh Service
Account to complete the process: Account to complete the process:
>device earl udf://example.com/ECIB-AA3X-M4N2-6ZWN-PPKX-QS3L-NDDW-BX Alice> device earl udf://example.com/EAQZ-QTRP-Z7NQ-2Y26-GFWX-FIN3-K55G-PE
ERROR - The feature has not been implemented ERROR - Object reference not set to an instance of an object.
When the device next attempts to connect to the hailing service, it When the device next attempts to connect to the hailing service, it
receives the Device Connection Assertion: receives the Device Connection Assertion:
>profile sync Alice4> account sync
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
5.5. Contact Requests 5.5. Contact Requests
As previously stated, every inbound Mesh message is subject to access As previously stated, every inbound Mesh message is subject to access
control. The user's contact catalog is used as part of the access control. The user's contact catalog is used as part of the access
control authentication and authorization mechanism. control authentication and authorization mechanism.
By default, the only form of inbound message that is accepted without By default, the only form of inbound message that is accepted without
authorization in the contact catalog is a contact request. Though authorization in the contact catalog is a contact request. Though
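Review bot: The output for "device earl" in section 5.4.3 changes from "The feature has not been implemented" to "ERROR - Object reference not set to an instance of an object.", the same null reference message already shown for "device pre". That is an unhandled runtime failure rather than a protocol response, and it should not appear in the draft as example output; omit the output or mark the example as pending until the tool returns a defined result. In the unchanged context, "preregistered on with the Mesh Service" has a stray "on", and the sentence beginning "To use the device QR code connection mechanism" needs punctuation around example.com and devices@example.com to be readable.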
skipping to change at page 32, line 30 skipping to change at page 32, line 38
by a mutual friend). by a mutual friend).
A Mesh Contact Assertion may be limited to stating the user's profile A Mesh Contact Assertion may be limited to stating the user's profile
fingerprint and Mesh Service Account(s). For most purposes however, fingerprint and Mesh Service Account(s). For most purposes however,
it is more convenient to present a Contact Assertion that contains at it is more convenient to present a Contact Assertion that contains at
least as much information as is typically provided on a business or least as much information as is typically provided on a business or
calling card: calling card:
Alice creates a contact entry for herself: Alice creates a contact entry for herself:
>contact add alice-contact.json Alice> contact self email alice@example.com
ERROR - The feature has not been implemented {
"Self": true,
"Key": "NAWI-VDVD-77DG-3RT2-PXO3-YA46-E6WA",
"EnvelopedContact": [{},
"ewogICJDb250YWN0IjogewogICAgIkFkZHJlc3Nlcy
I6IFt7CiAgICAgICAgIlVSSSI6ICJtYWlsdG86e2VtYWlsfSJ9XX19"]}~~~~
User's may create multiple Contact Assertions for use in different User's may create multiple Contact Assertions for use in different
circumstances. A user might not want to give their home address to a circumstances. A user might not want to give their home address to a
business contact or their business address to a personal friend. business contact or their business address to a personal friend.
5.5.1. Remote 5.5.1. Remote
In the most general case, the participants are remote from each other In the most general case, the participants are remote from each other
and one user must make a contact request of the other: and one user must make a contact request of the other:
Bob requests Alice add him to her contacts catalog: Bob requests Alice add him to her contacts catalog:
>message contact alice@example.com Bob> message contact alice@example.com
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
When Alice next checks her messages, she sees the pending contact When Alice next checks her messages, she sees the pending contact
request from Bob and accepts it. Bob's contact details are added to request from Bob and accepts it. Bob's contact details are added to
her catalog and Bob receives a response containing Alice's her catalog and Bob receives a response containing Alice's
credentials: credentials:
>message pending Alice> message pending
ERROR - The feature has not been implemented Alice> message accept tbs
>message accept tbs
ERROR - The feature has not been implemented
5.5.2. Static QR Code 5.5.2. Static QR Code
A DARE contact entry may be exchanged by means of an EARL UDF. This A DARE contact entry may be exchanged by means of an EARL UDF. This
is typically presented by means of a QR code which may be created is typically presented by means of a QR code which may be created
using the meshman tool and a QR code generator. The resulting QR using the meshman tool and a QR code generator. The resulting QR
code may be printed on a business card, laser engraved on a luggage code may be printed on a business card, laser engraved on a luggage
tag, etc. tag, etc.
To accept the contact request, the recipient merely scans the code To accept the contact request, the recipient merely scans the code
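Review bot: In the new `contact self email alice@example.com` example, the base64 string under "EnvelopedContact" decodes to a contact whose only address is "URI": "mailto:{email}", so the template placeholder was never replaced with alice@example.com; regenerate the example once the tool substitutes the argument. The closing `]}~~~~` also carries a stray fence marker that has fused onto the "User's may create" paragraph, and the empty `{}` first element deserves a sentence of explanation if it is intentional. In 5.5.1 the -09 column drops the error lines but shows no output for `message pending` and accepts an id of `tbs`, so the reader cannot see what a pending contact request looks like.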
skipping to change at page 34, line 30 skipping to change at page 34, line 43
key, they make a request to the Mesh Service which checks to see that key, they make a request to the Mesh Service which checks to see that
they are authorized to read that particular document, have not they are authorized to read that particular document, have not
exceeded their decryption quota, etc. If the request is approved, exceeded their decryption quota, etc. If the request is approved,
the service returns the partial decryption result obtained from the the service returns the partial decryption result obtained from the
service's key part together with the encrypted user key part. To service's key part together with the encrypted user key part. To
complete the decryption process, the user decrypts their key part and complete the decryption process, the user decrypts their key part and
uses it to create a second partial decryption result which is uses it to create a second partial decryption result which is
combined with the first to obtain the key agreement value needed to combined with the first to obtain the key agreement value needed to
complete the decryption process. complete the decryption process.
Alice creates the recryption group groupies@example.com to share Alice creates the recryption group groupw@example.com to share
confidential information with her closest friends: confidential information with her closest friends:
>group create groupies@example.com Alice> group create groupw@example.com
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
Bob encrypts a test file but he can't decrypt it because he isn't in Bob encrypts a test file but he can't decrypt it because he isn't in
the group: the group:
>dare encodeTestFile1.txt /out=TestFile1-group.dare /encrypt=groupies@example.com Bob> dare encodeTestFile1.txt /out=TestFile1-group.dare /encrypt=groupw@example.com
ERROR - The command is not known. ERROR - The command is not known.
>dare decode TestFile1-group.dare Bob> dare decode TestFile1-group.dare
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
Since she is the group administrator, Alice can decrypt the test file Since she is the group administrator, Alice can decrypt the test file
using the group decryption key: using the group decryption key:
>dare decode TestFile1-group.dare Alice> dare decode TestFile1-group.dare
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
Adding Bob to the group gives him immediate access to any file Adding Bob to the group gives him immediate access to any file
encrypted under the group key without making any change to the encrypted under the group key without making any change to the
encrypted files: encrypted files:
>dare decode TestFile1-group.dare Alice> dare decode TestFile1-group.dare
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
Removing Bob from the group immediately withdraws his access. Removing Bob from the group immediately withdraws his access.
>group delete groupies@example.com bob@example.com Alice> group delete groupw@example.com bob@example.com
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
Bob cannot decrypt any more files (but he may have kept copies of Bob cannot decrypt any more files (but he may have kept copies of
files he decrypted earlier). files he decrypted earlier).
>dare decode TestFile1-group.dare Alice> dare decode TestFile1-group.dare
ERROR - The feature has not been implemented ERROR - The feature has not been implemented
Should requirements demand, the same principle may be applied to Should requirements demand, the same principle may be applied to
achieve separation of duties in the administration roles. Instead of achieve separation of duties in the administration roles. Instead of
provisioning the group private key to a single administrator, it may provisioning the group private key to a single administrator, it may
be split into two or more parts. Adding a user to the group requires be split into two or more parts. Adding a user to the group requires
each of the administrators to create a decryption entry for the user each of the administrators to create a decryption entry for the user
and for the service and user to apply the appropriate operations to and for the service and user to apply the appropriate operations to
combine the key parts available to them before use. combine the key parts available to them before use.
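Review bot: The prompts added in -09 attribute two of the decode steps to the wrong user: the text says adding Bob gives him immediate access, and later that Bob cannot decrypt any more files, yet both are followed by `Alice> dare decode TestFile1-group.dare`, so the example never shows Bob succeeding or failing. Those two commands should run at `Bob>`, and a step that adds Bob is missing, since only `group create` and `group delete` appear. Separately, `dare encodeTestFile1.txt` lacks the space after `encode` in both versions and is the only command here that returns "The command is not known."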
skipping to change at page 36, line 22 skipping to change at page 36, line 31
corresponding to their Master Profile Signature and Escrow keys. corresponding to their Master Profile Signature and Escrow keys.
Users may use the key escrow mechanism of their choice including the Users may use the key escrow mechanism of their choice including the
escrow mechanism supported by the Mesh itself which uses Shamir escrow mechanism supported by the Mesh itself which uses Shamir
Secret Sharing to escrow the encryption key for a DARE Envelope Secret Sharing to escrow the encryption key for a DARE Envelope
containing the private key information. containing the private key information.
To escrow a key set, the user specifies the number of key shares to To escrow a key set, the user specifies the number of key shares to
be created and the number required for recovery. be created and the number required for recovery.
>profile escrow Alice> mesh escrow
ERROR - The feature has not been implemented ERROR - The cryptographic provider does not permit export of the private key parameters
Recovery of the key data requires the key recovery record and a Recovery of the key data requires the key recovery record and a
quorum of the key shares: quorum of the key shares:
Having recovered the Master Signature Key, the user can now create a Having recovered the Master Signature Key, the user can now create a
new master profile authorizing a new administration device which can new master profile authorizing a new administration device which can
be used to authenticate access to the Mesh Service Account(s) be used to authenticate access to the Mesh Service Account(s)
connected to the master profile. connected to the master profile.
6. Security Considerations 6. Security Considerations
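Review bot: The escrow example no longer matches its surrounding text. The paragraph says the user specifies the number of key shares to create and the number required for recovery, but `Alice> mesh escrow` passes neither, and the output is now a provider error about private key export rather than a set of shares. The sentence "Recovery of the key data requires the key recovery record and a quorum of the key shares:" still ends in a colon with no recovery command after it. Either show the share count and quorum on the command line with a successful result and a matching recovery step, or say that the example is pending.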
skipping to change at page 37, line 4 skipping to change at page 37, line 11
7. IANA Considerations 7. IANA Considerations
This document does not contain actions for IANA This document does not contain actions for IANA
8. Acknowledgements 8. Acknowledgements
Comodo Group: Egemen Tas, Melhi Abdulhayo?lu, Rob Stradling, Robin Comodo Group: Egemen Tas, Melhi Abdulhayo?lu, Rob Stradling, Robin
Alden. Alden.
9. References 9. References
9.1. Normative References 9.1. Normative References
[draft-hallambaker-jsonbcd] [draft-hallambaker-jsonbcd]
Hallam-Baker, P., "Binary Encodings for JavaScript Object Hallam-Baker, P., "Binary Encodings for JavaScript Object
Notation: JSON-B, JSON-C, JSON-D", draft-hallambaker- Notation: JSON-B, JSON-C, JSON-D", draft-hallambaker-
jsonbcd-14 (work in progress), April 2019. jsonbcd-14 (work in progress), April 2019.
[draft-hallambaker-mesh-cryptography] [draft-hallambaker-mesh-cryptography]
Hallam-Baker, P., "Mathematical Mesh Part VIII: Hallam-Baker, P., "Mathematical Mesh 3.0 Part VIII:
Cryptographic Algorithms", draft-hallambaker-mesh- Cryptographic Algorithms", draft-hallambaker-mesh-
cryptography-00 (work in progress), April 2019. cryptography-01 (work in progress), July 2019.
[draft-hallambaker-mesh-dare] [draft-hallambaker-mesh-dare]
Hallam-Baker, P., "Mathematical Mesh Part III : Data At Hallam-Baker, P., "Mathematical Mesh 3.0 Part III : Data
Rest Encryption (DARE)", draft-hallambaker-mesh-dare-01 At Rest Encryption (DARE)", draft-hallambaker-mesh-dare-02
(work in progress), April 2019. (work in progress), July 2019.
[draft-hallambaker-mesh-developer] [draft-hallambaker-mesh-developer]
Hallam-Baker, P., "Mathematical Mesh: Reference Hallam-Baker, P., "Mathematical Mesh: Reference
Implementation", draft-hallambaker-mesh-developer-08 (work Implementation", draft-hallambaker-mesh-developer-08 (work
in progress), April 2019. in progress), April 2019.
[draft-hallambaker-mesh-platform] [draft-hallambaker-mesh-platform]
Hallam-Baker, P., "Mathematical Mesh: Platform Hallam-Baker, P., "Mathematical Mesh: Platform
Configuration", draft-hallambaker-mesh-platform-04 (work Configuration", draft-hallambaker-mesh-platform-04 (work
in progress), April 2019. in progress), April 2019.
[draft-hallambaker-mesh-protocol] [draft-hallambaker-mesh-protocol]
Hallam-Baker, P., "Mathematical Mesh Part V: Protocol Hallam-Baker, P., "Mathematical Mesh Part V: Protocol
Reference", draft-hallambaker-mesh-protocol-00 (work in Reference", draft-hallambaker-mesh-protocol-00 (work in
progress), April 2019. progress), April 2019.
[draft-hallambaker-mesh-schema] [draft-hallambaker-mesh-schema]
Hallam-Baker, P., "Mathematical Mesh Part IV: Schema Hallam-Baker, P., "Mathematical Mesh 3.0 Part IV: Schema
Reference", draft-hallambaker-mesh-schema-00 (work in Reference", draft-hallambaker-mesh-schema-01 (work in
progress), April 2019. progress), July 2019.
[draft-hallambaker-mesh-security] [draft-hallambaker-mesh-security]
Hallam-Baker, P., "Mathematical Mesh Part VII: Security Hallam-Baker, P., "Mathematical Mesh Part VII: Security
Considerations", draft-hallambaker-mesh-security-00 (work Considerations", draft-hallambaker-mesh-security-00 (work
in progress), April 2019. in progress), April 2019.
[draft-hallambaker-mesh-trust] [draft-hallambaker-mesh-trust]
Hallam-Baker, P., "Mathematical Mesh Part VI: The Trust Hallam-Baker, P., "Mathematical Mesh Part VI: The Trust
Mesh", draft-hallambaker-mesh-trust-01 (work in progress), Mesh", draft-hallambaker-mesh-trust-01 (work in progress),
April 2019. April 2019.
[draft-hallambaker-mesh-udf] [draft-hallambaker-mesh-udf]
Hallam-Baker, P., "Mathematical Mesh Part II: Uniform Data Hallam-Baker, P., "Mathematical Mesh 3.0 Part II: Uniform
Fingerprint.", draft-hallambaker-mesh-udf-02 (work in Data Fingerprint.", draft-hallambaker-mesh-udf-03 (work in
progress), April 2019. progress), July 2019.
[draft-hallambaker-web-service-discovery] [draft-hallambaker-web-service-discovery]
Hallam-Baker, P., "DNS Web Service Discovery", draft- Hallam-Baker, P., "DNS Web Service Discovery", draft-
hallambaker-web-service-discovery-02 (work in progress), hallambaker-web-service-discovery-02 (work in progress),
April 2019. April 2019.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997. DOI 10.17487/RFC2119, March 1997.
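Review bot: The reference titles are only partly updated: mesh-cryptography, mesh-dare, mesh-schema and mesh-udf now read "Mathematical Mesh 3.0 Part ..." with July 2019 revisions, while mesh-protocol, mesh-security and mesh-trust keep the old "Mathematical Mesh Part ..." form and their April 2019 revisions. If those drafts were reissued with the rest of the set, bump them together; if not, confirm that the cited versions are the ones this revision was written against. The acknowledgement name "Melhi Abdulhayo?lu" has a character lost to encoding in both columns.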
 End of changes. 49 change blocks. 
80 lines changed or deleted 103 lines changed or added
