Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[p2-core] Figure out "TODO" section in chapter 6.1.4 #138

Open
bitfl0wer opened this issue Mar 9, 2025 · 0 comments
Open

[p2-core] Figure out "TODO" section in chapter 6.1.4 #138

bitfl0wer opened this issue Mar 9, 2025 · 0 comments
Milestone
p2-core v1.0-beta.2

Comments

@bitfl0wer
Copy link
Member

At the end of chapter 6.1.4, one can currently find a warning:

The following questions are still open:

Should actors always be able to revoke the ID-Cert they are sending the revocation message with without needing to complete a sensitive action?
Currently, I cannot see any reason that would speak against this.
How can actors remain in control of their keys? If revocations need to be signed by the server, then the server has more authority over keys than the actor does
Revocations should likely never have to be signed by the server. Either that, or it does, but the trust model assumptions apply.

These questions should be answered, with the warning being removed in the process.
@bitfl0wer bitfl0wer added this to the p2-core v1.0-beta.2 milestone Mar 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
p2-core v1.0-beta.2
Development

No branches or pull requests
1 participant
@bitfl0wer