search

shapeshifter / shapeshifter-specification

This repository contains the Shapeshifter specification. Files in this repository are used to generate an easily readable and navigable specification, that can be accessed using the link below
https://shapeshifter.github.io/shapeshifter-specification/
Apache License 2.0
6 stars 7 forks source link

Question: authenticated message encryption #83

Open stan-janssen opened 1 year ago

stan-janssen commented 1 year ago

In appendix 4 of the documentation (page 68 in the PDF), it mentions two sets of keys:

The document goes on to explain how to use the digital signatures (used to seal an XML message of type PayloadMessage using the private key into a blob of bytes that can be unsealed by using the corresponding public key), but it does not explain when and how to use the authenticated message encryption.

I looked through the source code of the Shapeshifter implementation but could not find references to the message encryption.

What is the intended purpose of the authenticated message encryption, and where should I use it?

capacious commented 1 year ago

@stan-janssen I don't know of an implementation that has implemented this; Good question, we can discuss this with the rest of the contributors to see what they think about it.

@tomwetjens @KoviaX Do you know of an implementation that uses this? What do we want to do with this? Do we think we still need this?

The wording is indeed confusing and not really clear,

tomwetjens commented 1 year ago

@capacious I am not aware of any implementation that uses the encryption. Currently only signing is used afaik.

KoviaX commented 1 year ago

Indeed, as @tomwetjens mentioned, current implementations only use signing to my knowledge.