idnits 2.17.1 draft-hallambaker-mesh-security-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([1]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 8, 2019) is 1754 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- -- Looks like a reference, but probably isn't: '1' on line 1755 Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group P. Hallam-Baker 3 Internet-Draft July 8, 2019 4 Intended status: Informational 5 Expires: January 9, 2020 7 Mathematical Mesh Part VII: Security Considerations 8 draft-hallambaker-mesh-security-01 10 Abstract 12 The Mathematical Mesh 'The Mesh' is an end-to-end secure 13 infrastructure that facilitates the exchange of configuration and 14 credential data between multiple user devices. The core protocols of 15 the Mesh are described with examples of common use cases and 16 reference data. 18 This document is also available online at 19 http://mathmesh.com/Documents/draft-hallambaker-mesh-security.html 20 [1] . 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at https://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on January 9, 2020. 39 Copyright Notice 41 Copyright (c) 2019 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (https://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 5 57 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 5 58 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 5 59 2.2. Defined Terms . . . . . . . . . . . . . . . . . . . . . . 5 60 2.3. Related Specifications . . . . . . . . . . . . . . . . . 5 61 2.4. Implementation Status . . . . . . . . . . . . . . . . . . 6 62 2.5. Shared Classes . . . . . . . . . . . . . . . . . . . . . 6 63 2.5.1. Classes describing keys . . . . . . . . . . . . . . . 6 64 2.5.2. Structure: PublicKey . . . . . . . . . . . . . . . . 6 65 2.5.3. Structure: KeyComposite . . . . . . . . . . . . . . . 6 66 2.5.4. Structure: KeyOverlay . . . . . . . . . . . . . . . . 6 67 2.5.5. Structure: EscrowedKeySet . . . . . . . . . . . . . . 6 68 2.5.6. Structure: DeviceRecryptionKey . . . . . . . . . . . 7 69 2.6. Assertion classes . . . . . . . . . . . . . . . . . . . . 7 70 2.6.1. Structure: Assertion . . . . . . . . . . . . . . . . 7 71 2.6.2. Structure: Condition . . . . . . . . . . . . . . . . 7 72 2.6.3. Profile Classes . . . . . . . . . . . . . . . . . . . 7 73 2.6.4. Structure: Profile . . . . . . . . . . . . . . . . . 7 74 2.6.5. Structure: ProfileMaster . . . . . . . . . . . . . . 8 75 2.6.6. Structure: ProfileDevice . . . . . . . . . . . . . . 8 76 2.6.7. Structure: ProfileService . . . . . . . . . . . . . . 8 77 2.6.8. Structure: ProfileAccount . . . . . . . . . . . . . . 9 78 2.6.9. Structure: ProfileGroup . . . . . . . . . . . . . . . 9 79 2.6.10. Structure: ProfileHost . . . . . . . . . . . . . . . 9 80 2.6.11. Connection Classes . . . . . . . . . . . . . . . . . 9 81 2.6.12. Structure: Connection . . . . . . . . . . . . . . . . 9 82 2.6.13. Structure: Permission . . . . . . . . . . . . . . . . 10 83 2.6.14. Structure: ConnectionDevice . . . . . . . . . . . . . 10 84 2.6.15. Structure: ConnectionAccount . . . . . . . . . . . . 10 85 2.6.16. Structure: ConnectionService . . . . . . . . . . . . 11 86 2.6.17. Structure: ConnectionHost . . . . . . . . . . . . . . 11 87 2.6.18. Structure: ConnectionApplication . . . . . . . . . . 11 88 2.6.19. Activation Classes . . . . . . . . . . . . . . . . . 11 89 2.6.20. Structure: Activation . . . . . . . . . . . . . . . . 11 90 2.6.21. Structure: ActivationDevice . . . . . . . . . . . . . 11 91 2.6.22. Structure: ActivationAccount . . . . . . . . . . . . 12 92 2.7. Cataloged items . . . . . . . . . . . . . . . . . . . . . 12 93 2.7.1. Data Structures . . . . . . . . . . . . . . . . . . . 12 94 2.7.2. Structure: Contact . . . . . . . . . . . . . . . . . 12 95 2.7.3. Structure: Role . . . . . . . . . . . . . . . . . . . 13 96 2.7.4. Structure: Address . . . . . . . . . . . . . . . . . 14 97 2.7.5. Structure: Location . . . . . . . . . . . . . . . . . 14 98 2.7.6. Structure: Reference . . . . . . . . . . . . . . . . 14 99 2.7.7. Structure: Task . . . . . . . . . . . . . . . . . . . 15 100 2.8. Catalog Entries . . . . . . . . . . . . . . . . . . . . . 16 101 2.8.1. Structure: CatalogedEntry . . . . . . . . . . . . . . 16 102 2.8.2. Structure: CatalogedDevice . . . . . . . . . . . . . 16 103 2.8.3. Structure: CatalogedCredential . . . . . . . . . . . 16 104 2.8.4. Structure: CatalogedNetwork . . . . . . . . . . . . . 17 105 2.8.5. Structure: CatalogedContact . . . . . . . . . . . . . 17 106 2.8.6. Structure: CatalogedContactRecryption . . . . . . . . 17 107 2.8.7. Structure: CatalogedBookmark . . . . . . . . . . . . 18 108 2.8.8. Structure: CatalogedTask . . . . . . . . . . . . . . 18 109 2.8.9. Structure: CatalogedApplication . . . . . . . . . . . 18 110 2.8.10. Structure: CatalogedApplicationAccount . . . . . . . 18 111 2.8.11. Structure: CatalogedMember . . . . . . . . . . . . . 19 112 2.8.12. Structure: CatalogedGroup . . . . . . . . . . . . . . 19 113 2.8.13. Structure: CatalogedApplicationSSH . . . . . . . . . 19 114 2.8.14. Structure: CatalogedApplicationMail . . . . . . . . . 19 115 2.8.15. Structure: CatalogedApplicationNetwork . . . . . . . 19 116 2.9. Messages . . . . . . . . . . . . . . . . . . . . . . . . 19 117 2.9.1. Structure: Message . . . . . . . . . . . . . . . . . 19 118 2.9.2. Structure: MessageComplete . . . . . . . . . . . . . 20 119 2.9.3. Structure: MessagePIN . . . . . . . . . . . . . . . . 20 120 2.9.4. Structure: RequestConnection . . . . . . . . . . . . 20 121 2.9.5. Structure: AcknowledgeConnection . . . . . . . . . . 21 122 2.9.6. Structure: RequestContact . . . . . . . . . . . . . . 21 123 2.9.7. Structure: RequestConfirmation . . . . . . . . . . . 21 124 2.9.8. Structure: ResponseConfirmation . . . . . . . . . . . 21 125 2.9.9. Structure: RequestTask . . . . . . . . . . . . . . . 22 126 3. Mesh Portal Service Reference . . . . . . . . . . . . . . . . 22 127 3.1. Request Messages . . . . . . . . . . . . . . . . . . . . 22 128 3.1.1. Message: MeshRequest . . . . . . . . . . . . . . . . 22 129 3.2. Response Messages . . . . . . . . . . . . . . . . . . . . 22 130 3.2.1. Message: MeshResponse . . . . . . . . . . . . . . . . 22 131 3.3. Imported Objects . . . . . . . . . . . . . . . . . . . . 23 132 3.4. Common Structures . . . . . . . . . . . . . . . . . . . . 23 133 3.4.1. Structure: KeyValue . . . . . . . . . . . . . . . . . 23 134 3.4.2. Structure: SearchConstraints . . . . . . . . . . . . 23 135 3.5. Transaction: Hello . . . . . . . . . . . . . . . . . . . 24 136 3.6. Transaction: ValidateAccount . . . . . . . . . . . . . . 24 137 3.6.1. Message: ValidateRequest . . . . . . . . . . . . . . 24 138 3.6.2. Message: ValidateResponse . . . . . . . . . . . . . . 24 139 3.7. Transaction: CreateAccount . . . . . . . . . . . . . . . 25 140 3.7.1. Message: CreateRequest . . . . . . . . . . . . . . . 25 141 3.7.2. Message: CreateResponse . . . . . . . . . . . . . . . 26 142 3.8. Transaction: DeleteAccount . . . . . . . . . . . . . . . 26 143 3.8.1. Message: DeleteRequest . . . . . . . . . . . . . . . 26 144 3.8.2. Message: DeleteResponse . . . . . . . . . . . . . . . 26 146 3.9. Transaction: Get . . . . . . . . . . . . . . . . . . . . 27 147 3.9.1. Message: GetRequest . . . . . . . . . . . . . . . . . 27 148 3.9.2. Message: GetResponse . . . . . . . . . . . . . . . . 27 149 3.10. Transaction: Publish . . . . . . . . . . . . . . . . . . 28 150 3.10.1. Message: PublishRequest . . . . . . . . . . . . . . 28 151 3.10.2. Message: PublishResponse . . . . . . . . . . . . . . 28 152 3.11. Transaction: Status . . . . . . . . . . . . . . . . . . . 28 153 3.11.1. Message: StatusRequest . . . . . . . . . . . . . . . 29 154 3.11.2. Message: StatusResponse . . . . . . . . . . . . . . 29 155 3.12. Transaction: ConnectStart . . . . . . . . . . . . . . . . 29 156 3.12.1. Message: ConnectStartRequest . . . . . . . . . . . . 29 157 3.12.2. Message: ConnectStartResponse . . . . . . . . . . . 30 158 3.13. Transaction: ConnectStatus . . . . . . . . . . . . . . . 30 159 3.13.1. Message: ConnectStatusRequest . . . . . . . . . . . 30 160 3.13.2. Message: ConnectStatusResponse . . . . . . . . . . . 30 161 3.14. Transaction: ConnectPending . . . . . . . . . . . . . . . 31 162 3.14.1. Message: ConnectPendingRequest . . . . . . . . . . . 31 163 3.14.2. Message: ConnectPendingResponse . . . . . . . . . . 31 164 3.15. Transaction: ConnectComplete . . . . . . . . . . . . . . 31 165 3.15.1. Message: ConnectCompleteRequest . . . . . . . . . . 32 166 3.15.2. Message: ConnectCompleteResponse . . . . . . . . . . 32 167 3.16. Transaction: Transfer . . . . . . . . . . . . . . . . . . 32 168 3.16.1. Message: TransferRequest . . . . . . . . . . . . . . 32 169 3.16.2. Message: TransferResponse . . . . . . . . . . . . . 33 170 4. Assets . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 171 4.1. Data . . . . . . . . . . . . . . . . . . . . . . . . . . 33 172 4.2. Credentials . . . . . . . . . . . . . . . . . . . . . . . 33 173 4.3. Reputation . . . . . . . . . . . . . . . . . . . . . . . 33 174 4.3.1. Outbound Messaging Abuse () . . . . . . . . . . . . . 33 175 5. Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 176 5.1. Confidentiality . . . . . . . . . . . . . . . . . . . . . 33 177 5.1.1. Privacy . . . . . . . . . . . . . . . . . . . . . . . 33 178 5.2. Integrity . . . . . . . . . . . . . . . . . . . . . . . . 33 179 5.3. Availability . . . . . . . . . . . . . . . . . . . . . . 34 180 5.3.1. Data loss . . . . . . . . . . . . . . . . . . . . . . 34 181 5.3.2. Partial data survivability . . . . . . . . . . . . . 34 182 5.4. Inbound Messaging Abuse (Spam) . . . . . . . . . . . . . 34 183 6. Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 184 6.1. End point Compromise . . . . . . . . . . . . . . . . . . 34 185 6.2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 186 7. Controls . . . . . . . . . . . . . . . . . . . . . . . . . . 34 187 7.1. Cryptographic . . . . . . . . . . . . . . . . . . . . . . 34 188 7.1.1. Triple lock . . . . . . . . . . . . . . . . . . . . . 34 189 7.1.2. Key Protection . . . . . . . . . . . . . . . . . . . 34 190 7.1.3. Key and Nonce Generation . . . . . . . . . . . . . . 35 191 7.1.4. Key Escrow and Recovery . . . . . . . . . . . . . . . 35 192 7.1.5. Profile Verification . . . . . . . . . . . . . . . . 35 193 7.1.6. Identity Validation . . . . . . . . . . . . . . . . . 36 194 7.1.7. Trust Broker Accountability . . . . . . . . . . . . . 36 195 7.2. Mesh Messaging . . . . . . . . . . . . . . . . . . . . . 36 196 7.2.1. Ingress Control . . . . . . . . . . . . . . . . . . . 36 197 7.2.2. Egress Control . . . . . . . . . . . . . . . . . . . 36 198 7.2.3. Security Signal . . . . . . . . . . . . . . . . . . . 36 199 7.2.4. Accountability . . . . . . . . . . . . . . . . . . . 37 200 8. Security Considerations . . . . . . . . . . . . . . . . . . . 37 201 8.1. Integrity . . . . . . . . . . . . . . . . . . . . . . . . 37 202 8.1.1. DNS Spoofing . . . . . . . . . . . . . . . . . . . . 37 203 8.1.2. TLS Downgrade . . . . . . . . . . . . . . . . . . . . 37 204 8.1.3. TLS Service Impersonation . . . . . . . . . . . . . . 37 205 8.1.4. Request Replay Attack . . . . . . . . . . . . . . . . 37 206 8.1.5. Response Replay Attack . . . . . . . . . . . . . . . 37 207 8.2. Confidentiality . . . . . . . . . . . . . . . . . . . . . 37 208 8.2.1. Side Channel Attack . . . . . . . . . . . . . . . . . 37 209 8.2.2. Session Key Leakage . . . . . . . . . . . . . . . . . 37 210 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 37 211 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 37 212 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 37 213 11.1. Normative References . . . . . . . . . . . . . . . . . . 37 214 11.2. Informative References . . . . . . . . . . . . . . . . . 38 215 11.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 38 216 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 38 218 1. Introduction 220 2. Definitions 222 This section presents the related specifications and standard, the 223 terms that are used as terms of art within the documents and the 224 terms used as requirements language. 226 2.1. Requirements Language 228 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 229 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 230 document are to be interpreted as described in [RFC2119] . 232 2.2. Defined Terms 234 The terms of art used in this document are described in the Mesh 235 Architecture Guide [draft-hallambaker-mesh-architecture] . 237 2.3. Related Specifications 239 The architecture of the Mathematical Mesh is described in the Mesh 240 Architecture Guide [draft-hallambaker-mesh-architecture] . The Mesh 241 documentation set and related specifications are described in this 242 document. 244 2.4. Implementation Status 246 The implementation status of the reference code base is described in 247 the companion document [draft-hallambaker-mesh-developer] . 249 2.5. Shared Classes 251 The following classes are used as common elements in Mesh profile 252 specifications. 254 2.5.1. Classes describing keys 256 2.5.2. Structure: PublicKey 258 The PublicKey class is used to describe public key pairs and trust 259 assertions associated with a public key. 261 UDF: String (Optional) UDF fingerprint of the public key parameters/ 263 X509Certificate: Binary (Optional) List of X.509 Certificates 265 X509Chain: Binary [0..Many] X.509 Certificate chain. 267 X509CSR: Binary (Optional) X.509 Certificate Signing Request. 269 2.5.3. Structure: KeyComposite 271 Service: String (Optional) Service holding the additional 272 contribution 274 2.5.4. Structure: KeyOverlay 276 UDF: String (Optional) Fingerprint of the resulting composite key 277 (to allow verification) 279 BaseUDF: String (Optional) Fingerprint specifying the base key 281 2.5.5. Structure: EscrowedKeySet 283 A set of escrowed keys. 285 [No fields] 287 2.5.6. Structure: DeviceRecryptionKey 289 UDF: String (Optional) The fingerprint of the encryption key 291 RecryptionKey: PublicKey (Optional) The recryption key 293 EnvelopedRecryptionKeyDevice: DareEnvelope (Optional) The decryption 294 key encrypted under the user's device key. 296 2.6. Assertion classes 298 Classes that are derived from an assertion. 300 2.6.1. Structure: Assertion 302 Parent class from which all assertion classes are derived 304 Names: String [0..Many] Fingerprints of index terms for profile 305 retrieval. The use of the fingerprint of the name rather than the 306 name itself is a precaution against enumeration attacks and other 307 forms of abuse. 309 Updated: DateTime (Optional) The time instant the profile was last 310 modified. 312 NotaryToken: String (Optional) A Uniform Notary Token providing 313 evidence that a signature was performed after the notary token was 314 created. 316 2.6.2. Structure: Condition 318 Parent class from which all condition classes are derived. 320 [No fields] 322 2.6.3. Profile Classes 324 Profiles are self signed assertions. 326 2.6.4. Structure: Profile 328 Inherits: Assertion 330 Parent class from which all profile classes are derived 332 KeySignature: PublicKey (Optional) The permanent signature key used 333 to sign the profile itself. The UDF of the key is used as the 334 permanent object identifier of the profile. Thus, by definition, 335 the KeySignature value of a Profile does not change under any 336 circumstance. The only case in which a 338 OnlineSignatureKeys: PublicKey [0..Many] A Personal profile contains 339 at least one OSK which is used to sign device administration 340 application profiles. 342 2.6.5. Structure: ProfileMaster 344 Inherits: Profile 346 Describes the long term parameters associated with a personal 347 profile. 349 MasterEscrowKeys: PublicKey [0..Many] A Personal Profile MAY contain 350 one or more PMEK keys to enable escrow of private keys used for 351 stored data. 353 KeyEncryption: PublicKey (Optional) Key used to pass encrypted data 354 to the device such as a DeviceUseEntry 356 2.6.6. Structure: ProfileDevice 358 Inherits: Profile 360 Describes a mesh device. 362 Description: String (Optional) Description of the device 364 KeyEncryption: PublicKey (Optional) Key used to pass encrypted data 365 to the device such as a DeviceUseEntry 367 KeyAuthentication: PublicKey (Optional) Key used to authenticate 368 requests made by the device. 370 2.6.7. Structure: ProfileService 372 Inherits: Profile 374 Profile of a Mesh Service 376 AuthenticationKey: PublicKey (Optional) Key used to authenticate 377 service connections. 379 2.6.8. Structure: ProfileAccount 381 Inherits: Profile 383 Account assertion. This is signed by the service hosting the 384 account. 386 ServiceIDs: String [0..Many] Service address(es). 388 MeshProfileUDF: String (Optional) Master profile of the account 389 being registered. 391 AccountEncryptionKey: PublicKey (Optional) Key used to encrypt data 392 under this profile 394 2.6.9. Structure: ProfileGroup 396 Inherits: Profile 398 Describes a group. Note that while a group is created by one person 399 who becomes its first administrator, control of the group may pass to 400 other administrators over time. 402 [No fields] 404 2.6.10. Structure: ProfileHost 406 Inherits: Profile 408 Inherits: Profile 410 KeyAuthentication: PublicKey (Optional) Key used to authenticate 411 service connections. 413 2.6.11. Connection Classes 415 2.6.12. Structure: Connection 417 Inherits: Assertion 419 Inherits: Assertion 421 SubjectUDF: String (Optional) UDF of the connection target. 423 AuthorityUDF: String (Optional) UDF of the connection source. 425 2.6.13. Structure: Permission 427 Name: String (Optional) 429 Name: String (Optional) 431 Role: String (Optional) 433 Role: String (Optional) 435 Capabilities: DareEnvelope (Optional) Keys or key contributions 436 enabling the operation to be performed 438 2.6.14. Structure: ConnectionDevice 440 Inherits: Connection 442 Inherits: Connection 444 Permissions: Permission [0..Many] List of the permissions that the 445 device has been granted. 447 KeySignature: PublicKey (Optional) The signature key for use of the 448 device under the profile 450 KeyEncryption: PublicKey (Optional) The encryption key for use of 451 the device under the profile 453 KeyAuthentication: PublicKey (Optional) The authentication key for 454 use of the device under the profile 456 2.6.15. Structure: ConnectionAccount 458 Inherits: Connection 460 Inherits: Connection 462 Permissions: Permission [0..Many] List of the permissions that the 463 device has been granted. 465 KeySignature: PublicKey (Optional) The signature key for use of the 466 device under the profile 468 KeyEncryption: PublicKey (Optional) The encryption key for use of 469 the device under the profile 471 KeyAuthentication: PublicKey (Optional) The authentication key for 472 use of the device under the profile 474 2.6.16. Structure: ConnectionService 476 Inherits: Connection 478 [No fields] 480 2.6.17. Structure: ConnectionHost 482 Inherits: Connection 484 [No fields] 486 2.6.18. Structure: ConnectionApplication 488 Inherits: Connection 490 [No fields] 492 2.6.19. Activation Classes 494 2.6.20. Structure: Activation 496 Inherits: Assertion 498 Contains the private activation information for a Mesh application 499 running on a specific device 501 [No fields] 503 2.6.21. Structure: ActivationDevice 505 Inherits: Assertion 507 Inherits: Assertion 509 EnvelopedAssertionDeviceConnection: DareEnvelope (Optional) The 510 signed AssertionDeviceConnection. 512 KeySignature: KeyOverlay (Optional) The key overlay used to generate 513 the account signature key from the device signature key 515 KeyEncryption: KeyOverlay (Optional) The key overlay used to 516 generate the account encryption key from the device encryption key 518 KeyAuthentication: KeyOverlay (Optional) The key overlay used to 519 generate the account authentication key from the device 520 authentication key 522 2.6.22. Structure: ActivationAccount 524 Inherits: Activation 526 Inherits: Activation 528 AccountUDF: String (Optional) The UDF of the account 530 EnvelopedAssertionAccountConnection: DareEnvelope (Optional) The 531 account connection assertion 533 KeyEncryption: KeyComposite (Optional) The key contribution for the 534 decryption key for the device. NB this is NOT an overlay on the 535 device signature key, it is an overlay on the corresponding 536 recryption key. 538 KeyAuthentication: KeyOverlay (Optional) The key overlay used to 539 generate the account authentication key from the device 540 authentication key 542 KeySignature: KeyOverlay (Optional) The key overlay used to generate 543 the account signature key from the device signature key 545 2.7. Cataloged items 547 2.7.1. Data Structures 549 Classes describing data used in cataloged data. 551 2.7.2. Structure: Contact 553 Inherits: Assertion 555 Inherits: Assertion 557 Identifier: String (Optional) 559 Identifier: String (Optional) 561 FullName: String (Optional) 563 FullName: String (Optional) 565 Title: String (Optional) 567 Title: String (Optional) 569 First: String (Optional) 570 First: String (Optional) 572 Middle: String (Optional) 574 Middle: String (Optional) 576 Last: String (Optional) 578 Last: String (Optional) 580 Suffix: String (Optional) 582 Suffix: String (Optional) 584 Labels: String [0..Many] 586 Labels: String [0..Many] 588 AssertionAccounts: ProfileAccount [0..Many] 590 AssertionAccounts: ProfileAccount [0..Many] 592 Addresses: Address [0..Many] 594 Addresses: Address [0..Many] 596 Locations: Location [0..Many] 598 Locations: Location [0..Many] 600 Roles: Role [0..Many] 602 2.7.3. Structure: Role 604 CompanyName: String (Optional) 606 CompanyName: String (Optional) 608 Addresses: Address [0..Many] 610 Addresses: Address [0..Many] 612 Locations: Location [0..Many] 614 2.7.4. Structure: Address 616 URI: String (Optional) 618 URI: String (Optional) 620 Labels: String [0..Many] 622 2.7.5. Structure: Location 624 Appartment: String (Optional) 626 Appartment: String (Optional) 628 Street: String (Optional) 630 Street: String (Optional) 632 District: String (Optional) 634 District: String (Optional) 636 Locality: String (Optional) 638 Locality: String (Optional) 640 County: String (Optional) 642 County: String (Optional) 644 Postcode: String (Optional) 646 Postcode: String (Optional) 648 Country: String (Optional) 650 2.7.6. Structure: Reference 652 MessageID: String (Optional) The received message to which this is a 653 response 655 ResponseID: String (Optional) Message that was generated in response 656 to the original (optional). 658 Relationship: String (Optional) The relationship type. This can be 659 Read, Unread, Accept, Reject. 661 2.7.7. Structure: Task 663 Key: String (Optional) Unique key. 665 Start: DateTime (Optional) 667 Start: DateTime (Optional) 669 Finish: DateTime (Optional) 671 Finish: DateTime (Optional) 673 StartTravel: String (Optional) 675 StartTravel: String (Optional) 677 FinishTravel: String (Optional) 679 FinishTravel: String (Optional) 681 TimeZone: String (Optional) 683 TimeZone: String (Optional) 685 Title: String (Optional) 687 Title: String (Optional) 689 Description: String (Optional) 691 Description: String (Optional) 693 Location: String (Optional) 695 Location: String (Optional) 697 Trigger: String [0..Many] 699 Trigger: String [0..Many] 701 Conference: String [0..Many] 703 Conference: String [0..Many] 705 Repeat: String (Optional) 707 Repeat: String (Optional) 708 Busy: Boolean (Optional) 710 2.8. Catalog Entries 712 2.8.1. Structure: CatalogedEntry 714 Base class for cataloged Mesh data. 716 [No fields] 718 2.8.2. Structure: CatalogedDevice 720 Inherits: CatalogedEntry 722 Public device entry, indexed under the device ID 724 AccountIDs: String [0..Many] The accounts to which this device is 725 bound. 727 UDF: String (Optional) UDF of the signature key of the device in the 728 Mesh 730 DeviceUDF: String (Optional) UDF of the signature key of the device 732 EnvelopedProfileDevice: DareEnvelope (Optional) The device profile 734 EnvelopedDeviceConnection: DareEnvelope (Optional) The public 735 assertion demonstrating connection of the Device to the Mesh 737 EnvelopedDevicePrivate: DareEnvelope (Optional) The device profile 739 2.8.3. Structure: CatalogedCredential 741 Inherits: CatalogedEntry 743 Inherits: CatalogedEntry 745 Protocol: String (Optional) 747 Protocol: String (Optional) 749 Service: String (Optional) 751 Service: String (Optional) 753 Username: String (Optional) 755 Username: String (Optional) 756 Password: String (Optional) 758 2.8.4. Structure: CatalogedNetwork 760 Inherits: CatalogedEntry 762 Inherits: CatalogedEntry 764 Protocol: String (Optional) 766 Protocol: String (Optional) 768 Service: String (Optional) 770 Service: String (Optional) 772 Username: String (Optional) 774 Username: String (Optional) 776 Password: String (Optional) 778 2.8.5. Structure: CatalogedContact 780 Inherits: CatalogedEntry 782 Inherits: CatalogedEntry 784 Self: Boolean (Optional) If true, this catalog entry is for the user 785 who created the catalog. To be valid, such an entry MUST be 786 signed by an administration key for the Mesh profile containing 787 the account to which the catalog belongs. 789 Key: String (Optional) Unique key. 791 Permissions: Permission [0..Many] List of the permissions that the 792 contact has been granted. 794 EnvelopedContact: DareEnvelope (Optional) The (signed) contact data. 796 2.8.6. Structure: CatalogedContactRecryption 798 Inherits: CatalogedContact 800 [No fields] 802 2.8.7. Structure: CatalogedBookmark 804 Inherits: CatalogedEntry 806 Inherits: CatalogedEntry 808 Uri: String (Optional) 810 Uri: String (Optional) 812 Title: String (Optional) 814 Title: String (Optional) 816 Path: String (Optional) 818 2.8.8. Structure: CatalogedTask 820 Inherits: CatalogedEntry 822 Inherits: CatalogedEntry 824 EnvelopedTask: DareEnvelope (Optional) 826 EnvelopedTask: DareEnvelope (Optional) 828 Key: String (Optional) Unique key. 830 2.8.9. Structure: CatalogedApplication 832 Inherits: CatalogedEntry 834 Inherits: CatalogedEntry 836 Key: String (Optional) 838 2.8.10. Structure: CatalogedApplicationAccount 840 Wrapper for a signed AccountAssertion 842 Inherits: CatalogedApplication 844 Inherits: CatalogedApplication 846 EnvelopedAccountAssertion: DareEnvelope (Optional) The account 847 assertion 849 2.8.11. Structure: CatalogedMember 851 UDF: String (Optional) 853 UDF: String (Optional) 855 Inherits: CatalogedEntry 857 2.8.12. Structure: CatalogedGroup 859 Inherits: CatalogedApplication 861 [No fields] 863 2.8.13. Structure: CatalogedApplicationSSH 865 Inherits: CatalogedApplication 867 [No fields] 869 2.8.14. Structure: CatalogedApplicationMail 871 Inherits: CatalogedApplication 873 [No fields] 875 2.8.15. Structure: CatalogedApplicationNetwork 877 Inherits: CatalogedApplication 879 [No fields] 881 2.9. Messages 883 2.9.1. Structure: Message 885 MessageID: String (Optional) 887 MessageID: String (Optional) 889 Sender: String (Optional) 891 Sender: String (Optional) 893 Recipient: String (Optional) 895 Recipient: String (Optional) 896 References: Reference [0..Many] 898 2.9.2. Structure: MessageComplete 900 Inherits: Message 902 [No fields] 904 2.9.3. Structure: MessagePIN 906 Account: String (Optional) 908 Account: String (Optional) 910 Inherits: Message 912 Inherits: Message 914 Expires: DateTime (Optional) 916 Expires: DateTime (Optional) 918 PIN: String (Optional) 920 2.9.4. Structure: RequestConnection 922 Connection request message. This message contains the information 924 Inherits: Message 926 Inherits: Message 928 ServiceID: String (Optional) 930 ServiceID: String (Optional) 932 EnvelopedProfileDevice: DareEnvelope (Optional) Device profile of 933 the device making the request. 935 ClientNonce: Binary (Optional) 937 ClientNonce: Binary (Optional) 939 PinUDF: String (Optional) Fingerprint of the PIN value used to 940 authenticate the request. 942 2.9.5. Structure: AcknowledgeConnection 944 Connection request message generated by a service on receipt of a 945 valid MessageConnectionRequestClient 947 Inherits: Message 949 Inherits: Message 951 EnvelopedMessageConnectionRequest: DareEnvelope (Optional) The 952 client connection request. 954 ServerNonce: Binary (Optional) 956 ServerNonce: Binary (Optional) 958 Witness: String (Optional) 960 2.9.6. Structure: RequestContact 962 Inherits: Message 964 Inherits: Message 966 Reply: Boolean (Optional) 968 Reply: Boolean (Optional) 970 Self: DareEnvelope (Optional) The contact data. 972 2.9.7. Structure: RequestConfirmation 974 Inherits: Message 976 Inherits: Message 978 Text: String (Optional) 980 2.9.8. Structure: ResponseConfirmation 982 Inherits: Message 984 Inherits: Message 986 ResponseID: String (Optional) 988 ResponseID: String (Optional) 989 Accept: Boolean (Optional) 991 2.9.9. Structure: RequestTask 993 Inherits: Message 995 [No fields] 997 3. Mesh Portal Service Reference 999 HTTP Well Known Service Prefix: /.well-known/mmm 1001 Every Mesh Portal Service transaction consists of exactly one request 1002 followed by exactly one response. Mesh Service transactions MAY 1003 cause modification of the data stored in the Mesh Portal or the Mesh 1004 itself but do not cause changes to the connection state. The 1005 protocol itself is thus idempotent. There is no set sequence in 1006 which operations are required to be performed. It is not necessary 1007 to perform a Hello transaction prior to a ValidateAccount, Publish or 1008 any other transaction. 1010 3.1. Request Messages 1012 A Mesh Portal Service request consists of a payload object that 1013 inherits from the MeshRequest class. When using the HTTP binding, 1014 the request MUST specify the portal DNS address in the HTTP Host 1015 field. 1017 3.1.1. Message: MeshRequest 1019 Base class for all request messages. 1021 Portal: String (Optional) Name of the Mesh Portal Service to which 1022 the request is directed. 1024 3.2. Response Messages 1026 A Mesh Portal Service response consists of a payload object that 1027 inherits from the MeshResponse class. When using the HTTP binding, 1028 the response SHOULD report the Status response code in the HTTP 1029 response message. However the response code returned in the payload 1030 object MUST always be considered authoritative. 1032 3.2.1. Message: MeshResponse 1034 Base class for all response messages. Contains only the status code 1035 and status description fields. 1037 [No fields] 1039 3.3. Imported Objects 1041 The Mesh Service protocol makes use of JSON objects defined in the 1042 JOSE Signatgure and Encryption specifications. 1044 3.4. Common Structures 1046 The following common structures are used in the protocol messages: 1048 3.4.1. Structure: KeyValue 1050 Describes a Key/Value structure used to make queries for records 1051 matching one or more selection criteria. 1053 Key: String (Optional) The data retrieval key. 1055 Value: String (Optional) The data value to match. 1057 3.4.2. Structure: SearchConstraints 1059 Specifies constraints to be applied to a search result. These allow 1060 a client to limit the number of records returned, the quantity of 1061 data returned, the earliest and latest data returned, etc. 1063 NotBefore: DateTime (Optional) Only data published on or after the 1064 specified time instant is requested. 1066 Before: DateTime (Optional) Only data published before the specified 1067 time instant is requested. This excludes data published at the 1068 specified time instant. 1070 MaxEntries: Integer (Optional) Maximum number of data entries to 1071 return. 1073 MaxBytes: Integer (Optional) Maximum number of data bytes to return. 1075 PageKey: String (Optional) Specifies a page key returned in a 1076 previous search operation in which the number of responses 1077 exceeded the specified bounds. 1079 When a page key is specified, all the other search parameters 1080 except for MaxEntries and MaxBytes are ignored and the service 1081 returns the next set of data responding to the earlier query. 1083 3.5. Transaction: Hello 1085 Request: HelloRequest 1087 Request: HelloRequest 1089 Response: HelloResponse 1091 Report service and version information. 1093 The Hello transaction provides a means of determining which protocol 1094 versions, message encodings and transport protocols are supported by 1095 the service. 1097 3.6. Transaction: ValidateAccount 1099 Request: ValidateRequest 1101 Request: ValidateRequest 1103 Response: ValidateResponse 1105 Request validation of a proposed name for a new account. 1107 For validation of a user's account name during profile creation. 1109 3.6.1. Message: ValidateRequest 1111 Inherits: MeshRequest 1113 Describes the proposed account properties. Currently, these are 1114 limited to the account name but could be extended in future versions 1115 of the protocol. 1117 Account: String (Optional) Account name requested 1119 Reserve: Boolean (Optional) If true, request a reservation for the 1120 specified account name. Note that the service is not obliged to 1121 honor reservation requests. 1123 Language: String [0..Many] List of ISO language codes in order of 1124 preference. For creating explanatory text. 1126 3.6.2. Message: ValidateResponse 1128 Inherits: MeshResponse 1129 States whether the proposed account properties are acceptable and 1130 (optional) returns an indication of what properties are valid. 1132 Note that receiving a 'Valid' responseto a Validate Request does not 1133 guarantee creation of the account. In addition to the possibility 1134 that the account namecould be requested by another user between the 1135 Validate and Create transactions, a portal service MAY perform more 1136 stringent validation criteria when an account is actually being 1137 created. For example, checking with the authoritative list of 1138 current accounts rather than a cached copy. 1140 Valid: Boolean (Optional) If true, the specified account identifier 1141 is acceptable. If false, the account identifier is rejected. 1143 Minimum: Integer (Optional) Specifies the minimum length of an 1144 account name. 1146 Maximum: Integer (Optional) Specifies the maximum length of an 1147 account name. 1149 InvalidCharacters: String (Optional) A list of characters that the 1150 service does not accept in account names. The list of characters 1151 MAY not be exhaustive but SHOULD include any illegal characters in 1152 the proposed account name. 1154 Reason: String (Optional) Text explaining the reason an account name 1155 was rejected. 1157 3.7. Transaction: CreateAccount 1159 Request: CreateRequest 1161 Request: CreateRequest 1163 Response: CreateResponse 1165 Request creation of a new portal account. 1167 Unlike a profile, a mesh account is specific to a particular Mesh 1168 portal. A mesh account must be created and accepted before a profile 1169 can be published. 1171 3.7.1. Message: CreateRequest 1173 Request creation of a new portal account. The request specifies the 1174 requested account identifier and the Mesh profile to be associated 1175 with the account. 1177 Inherits: MeshRequest 1179 Inherits: MeshRequest 1181 Account: String (Optional) Account identifier requested. 1183 3.7.2. Message: CreateResponse 1185 Inherits: MeshResponse 1187 Reports the success or failure of a Create transaction. 1189 [No fields] 1191 3.8. Transaction: DeleteAccount 1193 Request: DeleteRequest 1195 Request: DeleteRequest 1197 Response: DeleteResponse 1199 Request deletion of a portal account. 1201 Deletes a portal account but not the underlying profile. Once 1202 registered, profiles are permanent. 1204 3.8.1. Message: DeleteRequest 1206 Request deletion of a new portal account. The request specifies the 1207 requested account identifier. 1209 Inherits: MeshRequest 1211 Inherits: MeshRequest 1213 Account: String (Optional) Account identifier to be deleted. 1215 3.8.2. Message: DeleteResponse 1217 Inherits: MeshResponse 1219 Reports the success or failure of a Delete transaction. 1221 [No fields] 1223 3.9. Transaction: Get 1225 Request: GetRequest 1227 Request: GetRequest 1229 Response: GetResponse 1231 Search for data in the mesh that matches a set of properties 1232 described by a sequence of key/value pairs. 1234 3.9.1. Message: GetRequest 1236 Describes the Portal or Mesh data to be retreived. 1238 Inherits: MeshRequest 1240 Inherits: MeshRequest 1242 Identifier: String (Optional) Lookup by profile ID 1244 Account: String (Optional) Lookup by Account ID 1246 KeyValues: KeyValue [0..Many] List of KeyValue pairs specifying the 1247 conditions to be met 1249 SearchConstraints: SearchConstraints (Optional) Constrain the search 1250 to a specific time interval and/or limit the number and/or total 1251 size of data records returned. 1253 Multiple: Boolean (Optional) If true return multiple responses if 1254 available 1256 Full: Boolean (Optional) If true, the client requests that the full 1257 Mesh data record be returned containing both the Mesh entry itself 1258 and the Mesh metadata that allows the date and time of the 1259 publication of the Mesh entry to be verified. 1261 3.9.2. Message: GetResponse 1263 Reports the success or failure of a Get transaction. If a Mesh entry 1264 matching the specified profile is found, containsthe list of entries 1265 matching the request. 1267 Inherits: MeshResponse 1269 Inherits: MeshResponse 1270 DataItems: DataItem [0..Many] List of mesh data records matching the 1271 request. 1273 PageKey: String (Optional) If non-null, indicates that the number 1274 and/or size of the data records returned exceeds either the 1275 SearchConstraints specified in the request or internal server 1276 limits. 1278 3.10. Transaction: Publish 1280 Request: PublishRequest 1282 Request: PublishRequest 1284 Response: PublishResponse 1286 Publish a profile or key escrow entry to the mesh. 1288 3.10.1. Message: PublishRequest 1290 Requests publication of the specified Mesh entry. 1292 Inherits: MeshRequest 1294 [No fields] 1296 3.10.2. Message: PublishResponse 1298 Reports the success or failure of a Publish transaction. 1300 Inherits: MeshResponse 1302 [No fields] 1304 3.11. Transaction: Status 1306 Request: StatusRequest 1308 Request: StatusRequest 1310 Response: StatusResponse 1312 Request the current status of the mesh as seen by the portal to which 1313 it is directed. 1315 The response to the status request contains the last signed 1316 checkpoint and proof chains for each of the peer portals that have 1317 been checkpointed. 1319 [Not currently implemented] 1321 3.11.1. Message: StatusRequest 1323 Inherits: MeshRequest 1325 Initiates a status transaction. 1327 [No fields] 1329 3.11.2. Message: StatusResponse 1331 Reports the success or failure of a Status transaction. 1333 Inherits: MeshResponse 1335 Inherits: MeshResponse 1337 LastWriteTime: DateTime (Optional) Time that the last write update 1338 was made to the Mesh 1340 LastCheckpointTime: DateTime (Optional) Time that the last Mesh 1341 checkpoint was calculated. 1343 NextCheckpointTime: DateTime (Optional) Time at which the next Mesh 1344 checkpoint should be calculated. 1346 CheckpointValue: String (Optional) Last checkpoint value. 1348 3.12. Transaction: ConnectStart 1350 Request: ConnectStartRequest 1352 Request: ConnectStartRequest 1354 Response: ConnectStartResponse 1356 Request connection of a new device to a mesh profile 1358 3.12.1. Message: ConnectStartRequest 1360 Inherits: MeshRequest 1362 Initial device connection request. 1364 SignedRequest: SignedConnectionRequest (Optional) Device connection 1365 request signed by thesignature key of the device requesting 1366 connection. 1368 AccountID: String (Optional) Account identifier of account to which 1369 the device is requesting connection. 1371 3.12.2. Message: ConnectStartResponse 1373 Reports the success or failure of a ConnectStart transaction. 1375 Inherits: MeshRequest 1377 [No fields] 1379 3.13. Transaction: ConnectStatus 1381 Request: ConnectStatusRequest 1383 Request: ConnectStatusRequest 1385 Response: ConnectStatusResponse 1387 Request status of pending connection request of a new device to a 1388 mesh profile 1390 3.13.1. Message: ConnectStatusRequest 1392 Inherits: MeshRequest 1394 Request status information for a pending request posted previously. 1396 AccountID: String (Optional) Account identifier for which pending 1397 connection information is requested. 1399 DeviceID: String (Optional) Device identifier of device requesting 1400 status information. 1402 3.13.2. Message: ConnectStatusResponse 1404 Reports the success or failure of a ConnectStatus transaction. 1406 Inherits: MeshRequest 1408 Inherits: MeshRequest 1410 Result: SignedConnectionResult (Optional) The signed 1411 ConnectionResult object. 1413 3.14. Transaction: ConnectPending 1415 Request: ConnectPendingRequest 1417 Request: ConnectPendingRequest 1419 Response: ConnectPendingResponse 1421 Request a list of pending requests for an administration profile. 1423 3.14.1. Message: ConnectPendingRequest 1425 Inherits: MeshRequest 1427 Specify the criteria for pending requests. 1429 AccountID: String (Optional) The account identifier of the account 1430 for which pending connection requests are requested. 1432 SearchConstraints: SearchConstraints (Optional) Constrain the search 1433 to a specific time interval and/or limit the number and/or total 1434 size of data records returned. 1436 3.14.2. Message: ConnectPendingResponse 1438 Reports the success or failure of a ConnectPending transaction. 1440 Inherits: MeshRequest 1442 Inherits: MeshRequest 1444 Pending: SignedConnectionRequest [0..Many] A list of pending 1445 requests satisfying the criteria set out in the request. 1447 PageKey: String (Optional) If non-null, indicates that the number 1448 and/or size of the data records returned exceeds either the 1449 SearchConstraints specified in the request or internal server 1450 limits. 1452 3.15. Transaction: ConnectComplete 1454 Request: ConnectCompleteRequest 1456 Request: ConnectCompleteRequest 1458 Response: ConnectCompleteResponse 1460 Post response to a pending connection request. 1462 3.15.1. Message: ConnectCompleteRequest 1464 Reports the success or failure of a ConnectComplete transaction. 1466 Inherits: MeshRequest 1468 Inherits: MeshRequest 1470 Result: SignedConnectionResult (Optional) The connection result to 1471 be posted to the portal. The result MUST be signed by a valid 1472 administration key for the Mesh profile. 1474 AccountID: String (Optional) The account identifier to which the 1475 connection result is posted. 1477 3.15.2. Message: ConnectCompleteResponse 1479 Inherits: MeshRequest 1481 Reports the success or failure of a ConnectComplete transaction. 1483 [No fields] 1485 3.16. Transaction: Transfer 1487 Request: TransferRequest 1489 Request: TransferRequest 1491 Response: TransferResponse 1493 Perform a bulk transfer of the log between the specified transaction 1494 identifiers. Requires appropriate authorization 1496 [Not currently implemented] 1498 3.16.1. Message: TransferRequest 1500 Request a bulk transfer of the log between the specified transaction 1501 identifiers. Requires appropriate authorization 1503 Inherits: MeshRequest 1505 Inherits: MeshRequest 1507 SearchConstraints: SearchConstraints (Optional) Constrain the search 1508 to a specific time interval and/or limit the number and/or total 1509 size of data records returned. 1511 3.16.2. Message: TransferResponse 1513 Inherits: MeshResponse 1515 Reports the success or failure of a Transfer transaction. If 1516 successful, contains the list of Mesh records to be transferred. 1518 DataItems: DataItem [0..Many] List of mesh data records matching the 1519 request. 1521 PageKey: String (Optional) If non-null, indicates that the number 1522 and/or size of the data records returned exceeds either the 1523 SearchConstraints specified in the request or internal server 1524 limits. 1526 4. Assets 1528 4.1. Data 1530 4.2. Credentials 1532 4.3. Reputation 1534 4.3.1. Outbound Messaging Abuse () 1536 5. Risks 1538 5.1. Confidentiality 1540 Is a regulatory requirement GDPR/HIPPA 1542 5.1.1. Privacy 1544 Stronger requirement, given data but with restrictions on use 1546 Unintended use within an organization may put it in default 1548 GDPR 1550 HIPPA 1552 5.2. Integrity 1554 Modification of data enables control breaches 1556 5.3. Availability 1558 5.3.1. Data loss 1560 Loss of the pictures of the kids at 5 1562 5.3.2. Partial data survivability 1564 Where they buried Aunt Agatha's jewelry but not where they buried 1565 Aunt Agatha. 1567 5.4. Inbound Messaging Abuse (Spam) 1569 6. Threats 1571 6.1. End point Compromise 1573 6.2. 1575 7. Controls 1577 7.1. Cryptographic 1579 7.1.1. Triple lock 1581 7.1.1.1. Transport Security 1583 Traffic analysis protection 1585 7.1.1.2. Message Security 1587 Access control 1589 Authentication / Integrity 1591 7.1.1.3. Data Level Security 1593 Data Confidentiality 1595 Non-Repudiation 1597 7.1.2. Key Protection 1599 Use of platform provided facilities to bind private keys in the 1600 Device profile to the device is highly desirable. Ideally, private 1601 keys should be protected against extraction by hardware techniques 1602 presenting a high degree of resistance. 1604 7.1.2.1. Windows 1606 Use encrypted key store 1608 Preferably use BitLocker 1610 7.1.2.2. OSX 1612 Use Key Ring 1614 7.1.2.3. iOS 1616 Use ??? 1618 7.1.2.4. Linux 1620 Use the DBUS mechanism 1622 7.1.2.5. Android 1624 Hope and prayers. 1626 7.1.3. Key and Nonce Generation 1628 Use strong mechanisms as described in RFC??? 1630 Use of key co-generation as described in part 8 is advised 1632 7.1.4. Key Escrow and Recovery 1634 Master profile keys should be escrowed 1636 Escrow strategies for DARE should take account of the fact that users 1637 may want some but not all their data assets to survive them. 1639 7.1.5. Profile Verification 1641 Check that the device credential has been signed by an administration 1642 device and that the administration device was properly authorized by 1643 the master profile. 1645 Device catalog MUST be signed by the admin device. 1647 Future ? provide protection against rollback attacks. 1649 7.1.6. Identity Validation 1651 See the separate document on the trust model 1653 7.1.7. Trust Broker Accountability 1655 Cert transparency type techniques 1657 7.2. Mesh Messaging 1659 7.2.1. Ingress Control 1661 Every message is subject to access control 1663 Mesh Services should perform abuse filtering on inbound mail 1665 Mesh Services MUST apply user specified ingress control as specified 1666 in their contacts catalog. 1668 7.2.2. Egress Control 1670 Some applications may require egress control 1672 For example, classified environments 1674 Mail too stupid to send 1676 7.2.3. Security Signal 1678 Confirmation messages requiring payments 1680 Need Accountability 1682 Need to know the source of the accountability assertions 1684 Should be distinguished from sender controlled part of a message 1686 7.2.3.1. Brand 1688 If messages are being sent on behalf of a corporate entity, this 1689 should be signaled to both sender and receiver 1691 Sender ? remind them that they are speaking on behalf of another 1692 party 1694 Receiver ? establish who is speaking by the familiar technique. 1696 7.2.4. Accountability 1698 Authentication and consequences 1700 8. Security Considerations 1702 This document comprises the security considerations for the use and 1703 implementation of the Mathematical Mesh. 1705 8.1. Integrity 1707 8.1.1. DNS Spoofing 1709 8.1.2. TLS Downgrade 1711 8.1.3. TLS Service Impersonation 1713 8.1.4. Request Replay Attack 1715 8.1.5. Response Replay Attack 1717 8.2. Confidentiality 1719 8.2.1. Side Channel Attack 1721 8.2.2. Session Key Leakage 1723 9. IANA Considerations 1725 All the IANA considerations for the Mesh documents are specified in 1726 this document 1728 10. Acknowledgements 1730 A list of people who have contributed to the design of the Mesh is 1731 presented in [draft-hallambaker-mesh-architecture] . 1733 11. References 1735 11.1. Normative References 1737 [draft-hallambaker-mesh-architecture] 1738 Hallam-Baker, P., "Mathematical Mesh 3.0 Part I: 1739 Architecture Guide", draft-hallambaker-mesh- 1740 architecture-08 (work in progress), July 2019. 1742 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1743 Requirement Levels", BCP 14, RFC 2119, 1744 DOI 10.17487/RFC2119, March 1997. 1746 11.2. Informative References 1748 [draft-hallambaker-mesh-developer] 1749 Hallam-Baker, P., "Mathematical Mesh: Reference 1750 Implementation", draft-hallambaker-mesh-developer-08 (work 1751 in progress), April 2019. 1753 11.3. URIs 1755 [1] http://mathmesh.com/Documents/draft-hallambaker-mesh- 1756 security.html 1758 Author's Address 1760 Phillip Hallam-Baker 1762 Email: phill@hallambaker.com