azul
commented
6 years ago One problem i see with this solution is DOS attacks and reacting to connection attempts after a (seemingly) successful verification. In particular.. an observer of the mail exchange could resend Bobs 'vc-request-with-auth' message from a different email address. My understanding is that this would look like a second legitimate contact request which would lead to a warning and error case. It would not allow reading encrypted messages - but it would cause doubt on the legitimate verification attempt.
Michael Rogers lists a few attack scenarios if qr codes can be reused. They are mainly based on the attacker being able to access the QR code and performing the verified contact workflow.
Allowing AUTH codes to be used only once mitigates this attack because we can warn the person who showed the invite code that there were two attempts to use it.
(This issue is part of the feedback on the messaging@moderncrypto mailing list #61)