Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Be able to use TLS for the SPAKE2+EE handshake #23

Open
dinosaure opened this issue Nov 18, 2022 · 0 comments
Open

Be able to use TLS for the SPAKE2+EE handshake #23

dinosaure opened this issue Nov 18, 2022 · 0 comments
Labels
enhancement New feature or request

Comments

@dinosaure
Copy link
Owner

Currently, even if we ensured that no leak was done during our handshake, it will be nice to wrap the exchange into TLS. A question remains, how the relay gemerate and/or use a certificate (specially for MirageOS) and where the certificate should come from. Many solutions exists:

  1. use an external unikernel like tlstunnel to redirect the TLS flow to a clear flow
  2. let our relay to handle by itself the TLS protocol
  3. ask Let's encrypt to generate our TLS certificate
  4. generate by ourselve the certificate and give informations of it publicly
@dinosaure dinosaure added the enhancement New feature or request label Jan 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dinosaure