Reference key consistency document

[tfpauly]

• Issuer Encapsulation Key is common for all requests on the issuer; we should mention consistency checks on that
• Token Key is per Issuer/Origin; we should mention consistency checks on that

For each, we should talk about how the client enforces consistency, and reference draft-ietf-privacypass-key-consistency

[tfpauly]

For the Issuer Encapsulation Key, the attester can help, or the client can check the config file.

For the Token Key, we likely should define how the origin learns the right key from the issuer, and the client could also use that for a consistency check if it had access.

Client should also reject keys if they change across challenges.

[chris-wood]

@tfpauly did you want to take this issue, or would you like me to take a first crack at it?

[tfpauly]

If you have a good idea, please go ahead!

[tfpauly]

Once we've published a new version of https://github.com/chris-wood/draft-group-privacypass-k-check, point to that document

[tfpauly]

If we could fetch the keys for all rate-limited origins on a particular issuer, we could look up the key without revealing which origin we were going to.