RFC 7250 Raw Public Key support about tls-tris HOT 7 OPEN

Not sure what would be a benefit of implementing this

from tls-tris.

I wanted to implement ssh-like authentication, with an authorized hosts file. You can just use self-signed certs without this, which is why no one has implemented it.

from tls-tris.

It would also be super useful for p2p applications. These typically don’t have any CA, but rely on the public key to establish the peer’s identity.
I’m not sure if implementing this RFC is in scope for this repo, but if it is, I’d be very happy to contribute some code to make this happen.

from tls-tris.

I think it could be interesting. Do you have any particular p2p application in mind that would like to use it?

from tls-tris.

We'd like to use that for libp2p, the network stack of IPFS.
The way peer auth works in libp2p is that the key ID is basically the hash of the public key. During the handshake, both peers authenticate each other by checking the pub key hash. For the TLS handshake currently used for QUIC, we generating a self-signed certificate, and retrieve that using ConnectionState after the handshake completes. It works, but it's a bit of overhead that we could get rid off by using raw public keys.

from tls-tris.

ok, I see. Initially I've thought that it would be possible to use delegated credentials (https://datatracker.ietf.org/doc/html/draft-rescorla-tls-subcerts) which is a bit different solution. Nevertheless, it case of DC the public key changes often (validity is 7 days), so IMHO it's not a right solution for libp2p.
If you would like to propose patch for RFC 7250, feel free to do it. (there is a rule; code without proper tests doesn't exist :)

from tls-tris.

+1

from tls-tris.