Closed carnage closed 6 years ago
tokenkey
might confuse people who do key identifiers too, though. (Tracking this feature request in #1)
Y'know how sodium_crypto_box_seal()
prefixes the ephemeral public key, but the rest of it's basically sodium_crypto_box()
? That prefixed public key is what we're doing here. Maybe one-time-key
would work better?
It is what you are doing in protocol V2, but in V1 it is an RSA encrypted one-time random key.
one-time-key may work best, has the side effect of promoting that it shouldn't be reused :p
I forgot to press "close issue", but that's a better mistake than the converse (closing issues by accident, which could be received as rude).
The term public key as used in the token specification is slightly confusing, I'd suggest renaming it to token key to better reflect it's usage.
eg
version.purpose.tokenkey.ciphertext