Re: Encryption simplification

Hi Martin,

On Sun, Oct 30, 2016 at 09:22:26PM +1100, Martin Thomson wrote:
> After discussion about content codings, I've made something of a
> drastic change to the encryption draft.  A preview is here:
> The pull request is here:
> This is a huge simplification in many ways, so I think that's a fair
> improvement.
> The main assertion that this assumes is this: content codings should
> be self-descriptive.
> Obviously, this isn't a strong assertion given that this content
> coding requires a key, and SDCH relies on having an external
> dictionary, but the point is that the contents of the message can be
> decoded without reading additional header fields.  This is consistent
> with the observation that James Manger made about the MICE content
> coding previously [1].
> To that end, I've removed the Encryption header field and packed the
> critical data into the content itself.  This is more efficient and
> avoids strange cross-header-field correlation between Encryption and
> Content-Encoding.  It retains Crypto-Key and key identifiers, but
> that's necessary since they generally travel separately.

I like it. I think it is well designed and even suspect that if it
succeeds we'll see an update later to move some payload-specific
metadata which currently stand in headers into the encrypted block
(I don't have good examples right now but have faced this need in
the past -- we may for example think about the content's title and
author or the location where a photo was taken). But for now I think
it efficiently covers what it aims to.

Good job!

Received on Monday, 31 October 2016 06:51:40 UTC