jwm icon indicating copy to clipboard operation
jwm copied to clipboard
verified publisher icon mattrglobal

combining function of nonce and id

Open TomCJones opened this issue 5 years ago • 2 comments

Based on a iiw discussion there is a proposal to combine functionality. Here are the reqs - would be interested in solutions.

  1. track messages
  2. route message
  3. test validity of message early - ie mitigate DoS

TomCJones avatar Apr 29 '20 21:04 TomCJones

There is currently nothing preventing applications from using the id as a nonce, as there is equally nothing preventing applications from declaring and using an explicit nonce field, I agree with all the points you make above in reference to them being valid uses of the id field I am just wondering if there is anything we can add to the spec to make this clearer?

tplooker avatar Apr 30 '20 05:04 tplooker

As Paul Dietrich pointed out on that call, some consideration should be taken around the security of combining these pieces of functionality. In particular, is it possible that the behavior of the nonce will conflict the use of ID for message tracking or routing that could potentially lead to confusion and ultimately insecure implementations.

With that in mind, I think the best route would be to make the nonce explicitly separate as we don't have a compactness requirement that would suggest combining them would be the right approach. If there's other reasons other than compactness that we should consider as a benefit to this approach, I'd like to consider them.

kdenhartog avatar Apr 30 '20 20:04 kdenhartog