search

tfpauly / privacy-proxy

Specifications for Privacy Proxy Implementations
Other
29 stars 12 forks source link

Fix issuance request binding #114

Closed chris-wood closed 2 years ago

chris-wood commented 2 years ago

The gist of the request generation process is now:

  1. Generate a blinded token request;
  2. Generate a blinded key pair;
  3. Encrypt the origin name, using (1) and (2) as AAD.
  4. Generate a signature covering (1-3).

The signature is just Ed25519, and the blinded key pair is just a randomized Ed25519 key pair.

cc @FredericJacobs

chris-wood commented 2 years ago

Thanks, @janaiyengar! @tfpauly, shall we close this out and focus on the new doc?

chris-wood commented 2 years ago

Closing.