On 14/07/12 00:11, Brian Warner wrote:
> I'm most interested in using the invitation code to also
> *establish* a channel, since for things like Tahoe, there's nothing
> to bootstrap from. If the Tahoe client were also an IRC client, or
> an MUA, then it could quietly insert extra data into your IMs or
> emails to inform the agent on the other side of its IP address/etc.
> But when it's a standalone program, it's the human who gets the job
> of connecting agents together, which puts more of a burden on the
> protocol, since asking the human to transcribe an IP address and
> port number is boring and error-prone.

In Briar we use the six-digit invitation code to seed a PRNG, which the transport plugin can use however it wants to arrange a rendezvous between the endpoint devices.

The Bluetooth plugin uses the PRNG to generate a service UUID - the responder's device creates a service with that UUID and the initiator's device scans for it. The LAN plugin uses the PRNG to generate the address and port of a multicast group - both devices join the group, the initiator's device sends a UDP packet to the group containing its TCP address and port, and the responder connects to it. Another possibility would be to use the PRNG to generate a BitTorrent infohash; both devices would publish their IP addresses and ports in the BitTorrent DHT under that infohash.

The invitation code is not assumed to be secret or unguessable - it just serves to distinguish Alice and Bob from any other pairs of users who may be trying to exchange keys in the same place at the same time. For the DHT case, or any other case using a globally shared resource, you'd probably want to use more than six digits for the invitation code to reduce the probability of accidental collisions.

Cheers,
Michael

_______________________________________________
tahoe-dev mailing list
tahoe-dev@tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
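A sketch of the derivation described in the message above, added here as an illustration and not Briar's own code: SHAKE-256 stands in for the PRNG (the message does not name one), and the transport labels, the 239.0.0.0/8 group range and the port range are assumptions. It goes slightly beyond the message by also computing the birthday-bound collision probability behind the advice to use longer codes on a globally shared resource, assuming codes are drawn uniformly at random.

```python
import hashlib
import ipaddress
import math
import uuid


def derive(code: str, label: str, n: int) -> bytes:
    """Deterministic bytes from the invitation code, separated per transport.

    Assumption: SHAKE-256 plays the role of the seeded PRNG. Both devices
    run this with the same code and label and get the same output.
    """
    return hashlib.shake_256(label.encode() + b"\x00" + code.encode()).digest(n)


def bluetooth_uuid(code: str) -> uuid.UUID:
    # The responder registers a service under this UUID; the initiator scans for it.
    # version=4 only sets the version/variant bits so the UUID is well-formed.
    return uuid.UUID(bytes=derive(code, "bluetooth", 16), version=4)


def lan_group(code: str):
    # Multicast group both devices join. 239.0.0.0/8 (administratively
    # scoped) and the unprivileged port range are assumptions.
    raw = derive(code, "lan", 5)
    addr = ipaddress.IPv4Address(bytes([239]) + raw[:3])
    port = 1024 + int.from_bytes(raw[3:5], "big") % (65536 - 1024)
    return addr, port


def dht_infohash(code: str) -> str:
    # 20-byte key under which both devices would publish their address and port.
    return derive(code, "dht", 20).hex()


def collision_probability(digits: int, pairs: int) -> float:
    """Chance that at least two of `pairs` concurrent pairs share a code."""
    space = 10 ** digits
    log_no_collision = sum(math.log1p(-i / space) for i in range(pairs))
    return -math.expm1(log_no_collision)


if __name__ == "__main__":
    code = "493817"  # constructed sample invitation code
    print(bluetooth_uuid(code), lan_group(code), dht_infohash(code))
    for digits in (6, 9, 12):
        print(digits, "digits, 1000 pairs:", collision_probability(digits, 1000))
```

Because the code is not secret, anyone who learns it can compute the same rendezvous parameters; the derivation only locates the peer and provides no authentication.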