Network Working Group                                   P. M. Hallam-Baker
Internet-Draft                                        ThresholdSecrets.com
Intended status: Informational                                9 March 2020
Expires: 10 September 2020

          Mathematical Mesh 3.0 Part VII: Security Considerations
                   draft-hallambaker-mesh-security-04

Abstract

   The Mathematical Mesh 'The Mesh' is an end-to-end secure infrastructure that facilitates the exchange of configuration and credential data between multiple user devices.  The core protocols of the Mesh are described with examples of common use cases and reference data.
[Note to Readers]

   Discussion of this draft takes place on the MATHMESH mailing list (mathmesh@ietf.org), which is archived at https://mailarchive.ietf.org/arch/search/?email_list=mathmesh.

   This document is also available online at http://mathmesh.com/Documents/draft-hallambaker-mesh-security.html.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering Task Force (IETF).  Note that other groups may also distribute working documents as Internet-Drafts.  The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time.  It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 10 September 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document.  Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

Table of Contents

   1.  Introduction
   2.  Definitions
     2.1.  Requirements Language
     2.2.  Defined Terms
     2.3.  Related Specifications
     2.4.  Implementation Status
     2.5.  Shared Classes
       2.5.1.  Classes describing keys
       2.5.2.  Structure: PublicKey
       2.5.3.  Structure: KeyComposite
       2.5.4.  Structure: DeviceRecryptionKey
       2.5.5.  Structure: KeyOverlay
       2.5.6.  Structure: EscrowedKeySet
     2.6.  Assertion classes
       2.6.1.  Structure: Assertion
       2.6.2.  Structure: Condition
       2.6.3.  Base Classes
       2.6.4.  Structure: Profile
       2.6.5.  Structure: Connection
       2.6.6.  Structure: Activation
       2.6.7.  Structure: Permission
       2.6.8.  Structure: CatalogedEntry
       2.6.9.  Mesh Profile Classes
       2.6.10.  Structure: ProfileMesh
       2.6.11.  Mesh Device Classes
       2.6.12.  Structure: ProfileDevice
       2.6.13.  Structure: ActivationDevice
       2.6.14.  Structure: ConnectionDevice
       2.6.15.  Structure: CatalogedDevice
       2.6.16.  Mesh Account Classes
       2.6.17.  Structure: ProfileAccount
       2.6.18.  Structure: ActivationAccount
       2.6.19.  Structure: ConnectionAccount
       2.6.20.  Structure: AccountEntry
       2.6.21.  Structure: ConnectionApplication
       2.6.22.  Mesh Group Classes
       2.6.23.  Structure: ProfileGroup
       2.6.24.  Structure: ActivationGroup
       2.6.25.  Structure: ConnectionGroup
       2.6.26.  Mesh Service Classes
       2.6.27.  Structure: ProfileService
       2.6.28.  Structure: ConnectionService
       2.6.29.  Mesh Host Classes
       2.6.30.  Structure: ProfileHost
       2.6.31.  Structure: ConnectionHost
     2.7.  Cataloged items
       2.7.1.  Data Structures
       2.7.2.  Structure: ContactMesh
       2.7.3.  Structure: Contact
       2.7.4.  Structure: Role
       2.7.5.  Structure: Address
       2.7.6.  Structure: Location
       2.7.7.  Structure: Reference
       2.7.8.  Structure: Task
     2.8.  Catalog Entries
       2.8.1.  Structure: CatalogedCredential
       2.8.2.  Structure: CatalogedNetwork
       2.8.3.  Structure: CatalogedContact
       2.8.4.  Structure: CatalogedContactRecryption
       2.8.5.  Structure: CatalogedBookmark
       2.8.6.  Structure: CatalogedTask
       2.8.7.  Structure: CatalogedApplication
       2.8.8.  Structure: CatalogedMember
       2.8.9.  Structure: CatalogedGroup
       2.8.10.  Structure: CatalogedApplicationSSH
       2.8.11.  Structure: CatalogedApplicationMail
       2.8.12.  Structure: CatalogedApplicationNetwork
     2.9.  Messages
       2.9.1.  Structure: Message
       2.9.2.  Structure: MessageComplete
       2.9.3.  Structure: MessagePIN
       2.9.4.  Structure: RequestConnection
       2.9.5.  Structure: AcknowledgeConnection
       2.9.6.  Structure: RespondConnection
       2.9.7.  Structure: OfferGroup
       2.9.8.  Structure: RequestContact
       2.9.9.  Structure: ReplyContact
       2.9.10.  Structure: GroupInvitation
       2.9.11.  Structure: RequestConfirmation
       2.9.12.  Structure: ResponseConfirmation
       2.9.13.  Structure: RequestTask
   3.  Mesh Portal Service Reference
     3.1.  Request Messages
       3.1.1.  Message: MeshRequest
     3.2.  Response Messages
       3.2.1.  Message: MeshResponse
     3.3.  Imported Objects
     3.4.  Common Structures
       3.4.1.  Structure: KeyValue
       3.4.2.  Structure: SearchConstraints
     3.5.  Transaction: Hello
     3.6.  Transaction: ValidateAccount
       3.6.1.  Message: ValidateRequest
       3.6.2.  Message: ValidateResponse
     3.7.  Transaction: CreateAccount
       3.7.1.  Message: CreateRequest
       3.7.2.  Message: CreateResponse
     3.8.  Transaction: DeleteAccount
       3.8.1.  Message: DeleteRequest
       3.8.2.  Message: DeleteResponse
     3.9.  Transaction: Get
       3.9.1.  Message: GetRequest
       3.9.2.  Message: GetResponse
     3.10.  Transaction: Publish
       3.10.1.  Message: PublishRequest
       3.10.2.  Message: PublishResponse
     3.11.  Transaction: Status
       3.11.1.  Message: StatusRequest
       3.11.2.  Message: StatusResponse
     3.12.  Transaction: ConnectStart
       3.12.1.  Message: ConnectStartRequest
       3.12.2.  Message: ConnectStartResponse
     3.13.  Transaction: ConnectStatus
       3.13.1.  Message: ConnectStatusRequest
       3.13.2.  Message: ConnectStatusResponse
     3.14.  Transaction: ConnectPending
       3.14.1.  Message: ConnectPendingRequest
       3.14.2.  Message: ConnectPendingResponse
     3.15.  Transaction: ConnectComplete
       3.15.1.  Message: ConnectCompleteRequest
       3.15.2.  Message: ConnectCompleteResponse
     3.16.  Transaction: Transfer
       3.16.1.  Message: TransferRequest
       3.16.2.  Message: TransferResponse
   4.  Assets
     4.1.  Data
     4.2.  Credentials
     4.3.  Reputation
       4.3.1.  Outbound Messaging Abuse ()
   5.  Risks
     5.1.  Confidentiality
       5.1.1.  Privacy
     5.2.  Integrity
     5.3.  Availability
       5.3.1.  Data loss
       5.3.2.  Partial data survivability
     5.4.  Inbound Messaging Abuse (Spam)
   6.  Threats
     6.1.  End point Compromise
   7.  Controls
     7.1.  Cryptographic
       7.1.1.  Triple lock
       7.1.2.  Key Protection
       7.1.3.  Key and Nonce Generation
       7.1.4.  Key Escrow and Recovery
       7.1.5.  Profile Verification
       7.1.6.  Identity Validation
       7.1.7.  Trust Broker Accountability
     7.2.  Mesh Messaging
       7.2.1.  Ingress Control
       7.2.2.  Egress Control
       7.2.3.  Security Signal
       7.2.4.  Accountability
   8.  Security Considerations
     8.1.  Integrity
       8.1.1.  DNS Spoofing
       8.1.2.  TLS Downgrade
       8.1.3.  TLS Service Impersonation
       8.1.4.  Request Replay Attack
       8.1.5.  Response Replay Attack
     8.2.  Confidentiality
       8.2.1.  Side Channel Attack
       8.2.2.  Session Key Leakage
   9.  IANA Considerations
   10.  Acknowledgements
   11.  Normative References
   12.  Informative References

1.  Introduction

2.  Definitions

   This section presents the related specifications and standards, the terms that are used as terms of art within the documents and the terms used as requirements language.

2.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

2.2.  Defined Terms

   The terms of art used in this document are described in the _Mesh Architecture Guide_ [draft-hallambaker-mesh-architecture].

2.3.  Related Specifications

   The architecture of the Mathematical Mesh is described in the _Mesh Architecture Guide_ [draft-hallambaker-mesh-architecture].  The Mesh documentation set and related specifications are described in this document.

2.4.  Implementation Status

   The implementation status of the reference code base is described in the companion document [draft-hallambaker-mesh-developer].

2.5.
Shared Classes

   The following classes are used as common elements in Mesh profile specifications.

2.5.1.  Classes describing keys

2.5.2.  Structure: PublicKey

   The PublicKey class is used to describe public key pairs and trust assertions associated with a public key.

   UDF: String (Optional)  UDF fingerprint of the public key parameters.

   X509Certificate: Binary (Optional)  List of X.509 Certificates.

   X509Chain: Binary [0..Many]  X.509 Certificate chain.

   X509CSR: Binary (Optional)  X.509 Certificate Signing Request.

2.5.3.  Structure: KeyComposite

   Service: String (Optional)  Service holding the additional contribution.

2.5.4.  Structure: DeviceRecryptionKey

   UDF: String (Optional)  The fingerprint of the encryption key.

   Contact: Contact (Optional)  The User's Mesh contact information.

   RecryptionKey: PublicKey (Optional)  The recryption key.

   EnvelopedRecryptionKeyDevice: DareEnvelope (Optional)  The decryption key encrypted under the user's device key.

2.5.5.  Structure: KeyOverlay

   UDF: String (Optional)  Fingerprint of the resulting composite key (to allow verification).

   BaseUDF: String (Optional)  Fingerprint specifying the base key.

2.5.6.  Structure: EscrowedKeySet

   A set of escrowed keys.

   [No fields]

2.6.  Assertion classes

   Classes that are derived from an assertion.

2.6.1.  Structure: Assertion

   Parent class from which all assertion classes are derived.

   Names: String [0..Many]  Fingerprints of index terms for profile retrieval.  The use of the fingerprint of the name rather than the name itself is a precaution against enumeration attacks and other forms of abuse.

   Updated: DateTime (Optional)  The time instant the profile was last modified.

   NotaryToken: String (Optional)  A Uniform Notary Token providing evidence that a signature was performed after the notary token was created.

2.6.2.  Structure: Condition

   Parent class from which all condition classes are derived.

   [No fields]

2.6.3.  Base Classes

   Abstract classes from which the Profile, Activation and Connection classes are derived.

2.6.4.  Structure: Profile

   Inherits: Assertion

   Parent class from which all profile classes are derived.

   KeyOfflineSignature: PublicKey (Optional)  The permanent signature key used to sign the profile itself.  The UDF of the key is used as the permanent object identifier of the profile.  Thus, by definition, the KeyOfflineSignature value of a Profile does not change under any circumstance.  The only case in which a

   KeysOnlineSignature: PublicKey [0..Many]  A Personal profile contains at least one OSK which is used to sign device administration application profiles.

2.6.5.  Structure: Connection

   Inherits: Assertion

   SubjectUDF: String (Optional)  UDF of the connection target.

   AuthorityUDF: String (Optional)  UDF of the connection source.

2.6.6.  Structure: Activation

   Inherits: Assertion

   Contains the private activation information for a Mesh application running on a specific device.

   EnvelopedConnection: DareEnvelope (Optional)  The signed AssertionDeviceConnection.

   ActivationKey: String (Optional)  The master secret from which all the key contributions are derived.

2.6.7.  Structure: Permission

   Name: String (Optional)

   Role: String (Optional)

   Capabilities: DareEnvelope (Optional)  Keys or key contributions enabling the operation to be performed.

2.6.8.  Structure: CatalogedEntry

   Base class for cataloged Mesh data.

   [No fields]

2.6.9.  Mesh Profile Classes

   A Mesh profile does not have activation or connection classes associated with it.

   It might be more consistent to represent administration devices as activations on the ProfileMesh class though.

2.6.10.  Structure: ProfileMesh

   Inherits: Profile

   Describes the long term parameters associated with a personal profile.

   KeysMasterEscrow: PublicKey [0..Many]  A Personal Profile MAY contain one or more PMEK keys to enable escrow of private keys used for stored data.

   KeyEncryption: PublicKey (Optional)  Key used to pass encrypted data to the device such as a DeviceUseEntry.

2.6.11.  Mesh Device Classes

2.6.12.  Structure: ProfileDevice

   Inherits: Profile

   Describes a mesh device.

   Description: String (Optional)  Description of the device.

   KeyEncryption: PublicKey (Optional)  Key used to pass encrypted data to the device such as a DeviceUseEntry.

   KeyAuthentication: PublicKey (Optional)  Key used to authenticate requests made by the device.

2.6.13.  Structure: ActivationDevice

   Inherits: Activation

   [No fields]

2.6.14.  Structure: ConnectionDevice

   Inherits: Connection

   Permissions: Permission [0..Many]  List of the permissions that the device has been granted.

   KeySignature: PublicKey (Optional)  The signature key for use of the device under the profile.

   KeyEncryption: PublicKey (Optional)  The encryption key for use of the device under the profile.

   KeyAuthentication: PublicKey (Optional)  The authentication key for use of the device under the profile.

2.6.15.  Structure: CatalogedDevice

   Inherits: CatalogedEntry

   Public device entry, indexed under the device ID.

   UDF: String (Optional)  UDF of the signature key of the device in the Mesh.

   EnvelopedProfileMesh: DareEnvelope (Optional)  The Mesh profile.

   DeviceUDF: String (Optional)  UDF of the signature key of the device.

   EnvelopedProfileDevice: DareEnvelope (Optional)  The device profile.

   EnvelopedConnectionDevice: DareEnvelope (Optional)  The public assertion demonstrating connection of the Device to the Mesh.

   EnvelopedActivationDevice: DareEnvelope (Optional)  The activations of the device within the Mesh.

   Accounts: AccountEntry [0..Many]  The accounts that this device is connected to.

2.6.16.  Mesh Account Classes

2.6.17.  Structure: ProfileAccount

   Inherits: Profile

   Account assertion.  This is signed by the service hosting the account.

   ServiceIDs: String [0..Many]  Service address(es).

   MeshProfileUDF: String (Optional)  Master profile of the account being registered.

   KeyEncryption: PublicKey (Optional)  Key used to encrypt data under this profile.

   KeyAuthentication: PublicKey (Optional)  Key used to authenticate requests made by the device.

2.6.18.  Structure: ActivationAccount

   Inherits: Activation

   AccountUDF: String (Optional)  The UDF of the account.

   KeyGroup: KeyComposite (Optional)  The key contribution for the decryption key for the device.  NB this is NOT an overlay on the device signature key, it is an overlay on the corresponding recryption key.

2.6.19.  Structure: ConnectionAccount

   Inherits: Connection

   ServiceID: String [0..Many]  The list of service identifiers.

   Permissions: Permission [0..Many]  List of the permissions that the device has been granted.

   KeySignature: PublicKey (Optional)  The signature key for use of the device under the profile.

   KeyEncryption: PublicKey (Optional)  The encryption key for use of the device under the profile.

   KeyAuthentication: PublicKey (Optional)  The authentication key for use of the device under the profile.

2.6.20.  Structure: AccountEntry

   Contains the Account information for an account with a CatalogedDevice.

   AccountUDF: String (Optional)  UDF of the account profile.

   EnvelopedProfileAccount: DareEnvelope (Optional)  The account profile.

   EnvelopedConnectionAccount: DareEnvelope (Optional)  The connection of this device to the account.

   EnvelopedActivationAccount: DareEnvelope (Optional)  The activation data for this device to the account.

2.6.21.  Structure: ConnectionApplication

   Inherits: Connection

   [No fields]

2.6.22.  Mesh Group Classes

2.6.23.  Structure: ProfileGroup

   Inherits: Profile

   Describes a group.  Note that while a group is created by one person who becomes its first administrator, control of the group may pass to other administrators over time.

   ServiceIDs: String [0..Many]  Service address(es).

   KeyEncryption: PublicKey (Optional)  Key currently used to encrypt data under this profile.

2.6.24.  Structure: ActivationGroup

   Inherits: Activation

   GroupUDF: String (Optional)  The UDF of the group.

2.6.25.  Structure: ConnectionGroup

   Inherits: Connection

   Describes the connection of a member to a group.

   KeyEncryption: KeyComposite (Optional)  The decryption key for the user within the group.

2.6.26.  Mesh Service Classes

2.6.27.  Structure: ProfileService

   Inherits: Profile

   Profile of a Mesh Service.

   KeyAuthentication: PublicKey (Optional)  Key used to authenticate service connections.

2.6.28.  Structure: ConnectionService

   Inherits: Connection

   [No fields]

2.6.29.  Mesh Host Classes

2.6.30.
Structure: ProfileHost 591 Inherits: Profile 593 KeyAuthentication: PublicKey (Optional) Key used to authenticate 594 service connections. 596 2.6.31. Structure: ConnectionHost 598 Inherits: Connection 600 [No fields] 602 2.7. Cataloged items 604 2.7.1. Data Structures 606 Classes describing data used in cataloged data. 608 2.7.2. Structure: ContactMesh 610 UDF: String (Optional) 612 ServiceID: String [0..Many] 614 2.7.3. Structure: Contact 616 Inherits: Assertion 618 MeshAccounts: DareEnvelope [0..Many] The Mesh Account Connection - 619 the main event really 621 Email: String (Optional) 623 Identifier: String (Optional) 625 FullName: String (Optional) 627 Title: String (Optional) 629 First: String (Optional) 631 Middle: String (Optional) 633 Last: String (Optional) 635 Suffix: String (Optional) 637 Labels: String [0..Many] 639 AssertionAccounts: ProfileAccount [0..Many] 641 Addresses: Address [0..Many] 643 Locations: Location [0..Many] 645 Roles: Role [0..Many] 647 2.7.4. Structure: Role 649 CompanyName: String (Optional) 651 Addresses: Address [0..Many] 653 Locations: Location [0..Many] 655 2.7.5. Structure: Address 657 URI: String (Optional) 659 Labels: String [0..Many] 661 2.7.6. Structure: Location 663 Appartment: String (Optional) 665 Street: String (Optional) 667 District: String (Optional) 668 Locality: String (Optional) 670 County: String (Optional) 672 Postcode: String (Optional) 674 Country: String (Optional) 676 2.7.7. Structure: Reference 678 MessageID: String (Optional) The received message to which this is a 679 response 681 ResponseID: String (Optional) Message that was generated in response 682 to the original (optional). 684 Relationship: String (Optional) The relationship type. This can be 685 Read, Unread, Accept, Reject. 687 2.7.8. Structure: Task 689 Key: String (Optional) Unique key. 
691 Start: DateTime (Optional) 693 Finish: DateTime (Optional) 695 StartTravel: String (Optional) 697 FinishTravel: String (Optional) 699 TimeZone: String (Optional) 701 Title: String (Optional) 703 Description: String (Optional) 705 Location: String (Optional) 707 Trigger: String [0..Many] 709 Conference: String [0..Many] 711 Repeat: String (Optional) 713 Busy: Boolean (Optional) 715 2.8. Catalog Entries 717 2.8.1. Structure: CatalogedCredential 719 Inherits: CatalogedEntry 721 Protocol: String (Optional) 723 Service: String (Optional) 725 Username: String (Optional) 727 Password: String (Optional) 729 2.8.2. Structure: CatalogedNetwork 731 Inherits: CatalogedEntry 733 Protocol: String (Optional) 735 Service: String (Optional) 737 Username: String (Optional) 739 Password: String (Optional) 741 2.8.3. Structure: CatalogedContact 743 Inherits: CatalogedEntry 745 Self: Boolean (Optional) If true, this catalog entry is for the user 746 who created the catalog. To be valid, such an entry MUST be 747 signed by an administration key for the Mesh profile containing 748 the account to which the catalog belongs. 750 Key: String (Optional) Unique key. 752 Permissions: Permission [0..Many] List of the permissions that the 753 contact has been granted. 755 EnvelopedContact: DareEnvelope (Optional) The (signed) contact data. 757 2.8.4. Structure: CatalogedContactRecryption 759 Inherits: CatalogedContact 761 [No fields] 763 2.8.5. Structure: CatalogedBookmark 765 Inherits: CatalogedEntry 767 Uri: String (Optional) 769 Title: String (Optional) 771 Path: String (Optional) 773 2.8.6. Structure: CatalogedTask 775 Inherits: CatalogedEntry 777 EnvelopedTask: DareEnvelope (Optional) 779 Title: String (Optional) 781 Key: String (Optional) Unique key. 783 2.8.7. Structure: CatalogedApplication 785 Inherits: CatalogedEntry 787 Key: String (Optional) 789 2.8.8. Structure: CatalogedMember 791 UDF: String (Optional) 793 Inherits: CatalogedEntry 795 2.8.9. 
Structure: CatalogedGroup 797 Inherits: CatalogedApplication 799 Profile: ProfileGroup (Optional) 801 2.8.10. Structure: CatalogedApplicationSSH 803 Inherits: CatalogedApplication 805 [No fields] 807 2.8.11. Structure: CatalogedApplicationMail 809 Inherits: CatalogedApplication 811 [No fields] 813 2.8.12. Structure: CatalogedApplicationNetwork 815 Inherits: CatalogedApplication 817 [No fields] 819 2.9. Messages 821 2.9.1. Structure: Message 823 MessageID: String (Optional) 825 Sender: String (Optional) 827 Recipient: String (Optional) 829 References: Reference [0..Many] 831 2.9.2. Structure: MessageComplete 833 Inherits: Message 835 [No fields] 837 2.9.3. Structure: MessagePIN 839 Account: String (Optional) 841 Inherits: Message 843 Expires: DateTime (Optional) 845 PIN: String (Optional) 847 2.9.4. Structure: RequestConnection 849 Connection request message. This message contains the information 851 Inherits: Message 853 ServiceID: String (Optional) 855 EnvelopedProfileDevice: DareEnvelope (Optional) Device profile of 856 the device making the request. 858 ClientNonce: Binary (Optional) 859 PinUDF: String (Optional) Fingerprint of the PIN value used to 860 authenticate the request. 862 2.9.5. Structure: AcknowledgeConnection 864 Connection request message generated by a service on receipt of a 865 valid MessageConnectionRequestClient 867 Inherits: Message 869 EnvelopedRequestConnection: DareEnvelope (Optional) The client 870 connection request. 872 ServerNonce: Binary (Optional) 874 Witness: String (Optional) 876 2.9.6. Structure: RespondConnection 878 Respond to RequestConnection message to grant or refuse the 879 connection request. 881 Inherits: Message 883 Result: String (Optional) The response to the request. One of 884 "Accept", "Reject" or "Pending". 886 CatalogedDevice: CatalogedDevice (Optional) The device information. 887 MUST be present if the value of Result is "Accept". MUST be 888 absent or null otherwise. 890 2.9.7. 
Structure: OfferGroup 892 Inherits: Message 894 [No fields] 896 2.9.8. Structure: RequestContact 898 Inherits: Message 900 Reply: Boolean (Optional) 902 Subject: String (Optional) 904 Self: DareEnvelope (Optional) The contact data. 906 2.9.9. Structure: ReplyContact 908 Inherits: RequestContact 910 [No fields] 912 2.9.10. Structure: GroupInvitation 914 Inherits: Message 916 Text: String (Optional) 918 EncryptedPartDecrypt: DareEnvelope (Optional) 920 2.9.11. Structure: RequestConfirmation 922 Inherits: Message 924 Text: String (Optional) 926 2.9.12. Structure: ResponseConfirmation 928 Inherits: Message 930 Request: RequestConfirmation (Optional) 932 Accept: Boolean (Optional) 934 2.9.13. Structure: RequestTask 936 Inherits: Message 938 [No fields] 940 3. Mesh Portal Service Reference 942 HTTP Well Known Service Prefix: /.well-known/mmm 944 Every Mesh Portal Service transaction consists of exactly one request 945 followed by exactly one response. Mesh Service transactions MAY 946 cause modification of the data stored in the Mesh Portal or the Mesh 947 itself but do not cause changes to the connection state. The 948 protocol itself is thus idempotent. There is no set sequence in 949 which operations are required to be performed. It is not necessary 950 to perform a Hello transaction prior to a ValidateAccount, Publish or 951 any other transaction. 953 3.1. Request Messages 955 A Mesh Portal Service request consists of a payload object that 956 inherits from the MeshRequest class. When using the HTTP binding, 957 the request MUST specify the portal DNS address in the HTTP Host 958 field. 960 3.1.1. Message: MeshRequest 962 Base class for all request messages. 964 Portal: String (Optional) Name of the Mesh Portal Service to which 965 the request is directed. 967 3.2. Response Messages 969 A Mesh Portal Service response consists of a payload object that 970 inherits from the MeshResponse class. 
   When using the HTTP binding, the response SHOULD report the Status response code in the HTTP response message. However, the response code returned in the payload object MUST always be considered authoritative.

3.2.1. Message: MeshResponse

   Base class for all response messages. Contains only the status code and status description fields.

   [No fields]

3.3. Imported Objects

   The Mesh Service protocol makes use of JSON objects defined in the JOSE Signature and Encryption specifications.

3.4. Common Structures

   The following common structures are used in the protocol messages:

3.4.1. Structure: KeyValue

   Describes a Key/Value structure used to make queries for records matching one or more selection criteria.

   Key: String (Optional) The data retrieval key.

   Value: String (Optional) The data value to match.

3.4.2. Structure: SearchConstraints

   Specifies constraints to be applied to a search result. These allow a client to limit the number of records returned, the quantity of data returned, the earliest and latest data returned, etc.

   NotBefore: DateTime (Optional) Only data published on or after the specified time instant is requested.

   Before: DateTime (Optional) Only data published before the specified time instant is requested. This excludes data published at the specified time instant.

   MaxEntries: Integer (Optional) Maximum number of data entries to return.

   MaxBytes: Integer (Optional) Maximum number of data bytes to return.

   PageKey: String (Optional) Specifies a page key returned in a previous search operation in which the number of responses exceeded the specified bounds.

   When a page key is specified, all the other search parameters except for MaxEntries and MaxBytes are ignored and the service returns the next set of data responding to the earlier query.
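   The paging rules above, as an added example that is not part of this draft or of the Mesh reference implementation: a Go search over constructed records that applies the SearchConstraints of 3.4.2 and returns a PageKey when MaxEntries or MaxBytes is reached. The draft leaves the PageKey format to the service; the assumption made here is an HMAC-authenticated token that carries the earlier query's time window and the resume position, so a client continuing a search cannot widen the window by editing the key, and only MaxEntries and MaxBytes are read from a continuation request. The Service, pageState, Day and NewDemoService names and the five sample records are the example's own.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"time"
)

type DataItem struct{ Published time.Time; Data string }

// SearchConstraints mirrors 3.4.2; zero values mean "not set".
type SearchConstraints struct {
	NotBefore, Before    time.Time
	MaxEntries, MaxBytes int
	PageKey              string
}

// pageState is what a PageKey carries: the earlier query's time window and the
// index of the first record not yet returned (assumption: the draft leaves the
// PageKey format to the service).
type pageState struct {
	NotBefore, Before time.Time
	Next              int
}

// Records are assumed sorted by Published; macKey never leaves the service.
type Service struct{ Records []DataItem; macKey []byte }

// A PageKey is HMAC(state) || state, base64url encoded: opaque to the client,
// who therefore cannot widen the earlier query by editing it.
func (s *Service) encodePageKey(st pageState) string {
	body, _ := json.Marshal(st)
	mac := hmac.New(sha256.New, s.macKey)
	mac.Write(body)
	return base64.RawURLEncoding.EncodeToString(append(mac.Sum(nil), body...))
}

func (s *Service) decodePageKey(key string) (pageState, error) {
	raw, err := base64.RawURLEncoding.DecodeString(key)
	if err != nil || len(raw) < sha256.Size {
		return pageState{}, errors.New("malformed PageKey")
	}
	tag, body := raw[:sha256.Size], raw[sha256.Size:]
	mac := hmac.New(sha256.New, s.macKey)
	mac.Write(body)
	if !hmac.Equal(tag, mac.Sum(nil)) {
		return pageState{}, errors.New("PageKey was not issued by this service")
	}
	var st pageState
	return st, json.Unmarshal(body, &st)
}

// Search returns the records satisfying c and a PageKey when a bound is hit.
// With a PageKey, every parameter except MaxEntries and MaxBytes comes from
// the key, as 3.4.2 requires.
func (s *Service) Search(c SearchConstraints) ([]DataItem, string, error) {
	st := pageState{NotBefore: c.NotBefore, Before: c.Before}
	if c.PageKey != "" {
		var err error
		if st, err = s.decodePageKey(c.PageKey); err != nil {
			return nil, "", err
		}
	}
	var out []DataItem
	size := 0
	for i := st.Next; i < len(s.Records); i++ {
		r := s.Records[i]
		if !st.NotBefore.IsZero() && r.Published.Before(st.NotBefore) {
			continue
		}
		if !st.Before.IsZero() && !r.Published.Before(st.Before) {
			continue // Before is exclusive
		}
		full := (c.MaxEntries > 0 && len(out) >= c.MaxEntries) ||
			(c.MaxBytes > 0 && size+len(r.Data) > c.MaxBytes)
		if full && len(out) > 0 { // always return one record so an oversize one cannot stall paging
			st.Next = i
			return out, s.encodePageKey(st), nil
		}
		out = append(out, r)
		size += len(r.Data)
	}
	return out, "", nil
}

// Constructed sample data: five records published on consecutive days.
func Day(d int) time.Time { return time.Date(2020, 3, d, 0, 0, 0, 0, time.UTC) }

func NewDemoService() *Service {
	s := &Service{macKey: []byte("constructed demo key: use a random key in a real service")}
	for i, data := range []string{"a", "bb", "ccc", "dddd", "eeeee"} {
		s.Records = append(s.Records, DataItem{Day(i + 1), data})
	}
	return s
}
```

   A continuation request that carries a PageKey together with a new NotBefore gets the key's window, not the new one; a key minted by another service, or a mangled key, fails the HMAC check before any search runs. The loop also returns at least one record per page, so a single record larger than MaxBytes cannot leave a client re-submitting the same key forever.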
3.5. Transaction: Hello

   Request: HelloRequest

   Response: HelloResponse

   Report service and version information.

   The Hello transaction provides a means of determining which protocol versions, message encodings and transport protocols are supported by the service.

3.6. Transaction: ValidateAccount

   Request: ValidateRequest

   Response: ValidateResponse

   Request validation of a proposed name for a new account.

   For validation of a user's account name during profile creation.

3.6.1. Message: ValidateRequest

   Inherits: MeshRequest

   Describes the proposed account properties. Currently, these are limited to the account name but could be extended in future versions of the protocol.

   Account: String (Optional) Account name requested.

   Reserve: Boolean (Optional) If true, request a reservation for the specified account name. Note that the service is not obliged to honor reservation requests.

   Language: String [0..Many] List of ISO language codes in order of preference. For creating explanatory text.

3.6.2. Message: ValidateResponse

   Inherits: MeshResponse

   States whether the proposed account properties are acceptable and (optionally) returns an indication of what properties are valid.

   Note that receiving a 'Valid' response to a Validate request does not guarantee creation of the account. In addition to the possibility that the account name could be requested by another user between the Validate and Create transactions, a portal service MAY apply more stringent validation criteria when an account is actually being created, for example by checking against the authoritative list of current accounts rather than a cached copy.

   Valid: Boolean (Optional) If true, the specified account identifier is acceptable. If false, the account identifier is rejected.

   Minimum: Integer (Optional) Specifies the minimum length of an account name.

   Maximum: Integer (Optional) Specifies the maximum length of an account name.

   InvalidCharacters: String (Optional) A list of characters that the service does not accept in account names. The list of characters MAY not be exhaustive but SHOULD include any illegal characters in the proposed account name.

   Reason: String (Optional) Text explaining the reason an account name was rejected.

3.7. Transaction: CreateAccount

   Request: CreateRequest

   Response: CreateResponse

   Request creation of a new portal account.

   Unlike a profile, a mesh account is specific to a particular Mesh portal. A mesh account must be created and accepted before a profile can be published.

3.7.1. Message: CreateRequest

   Request creation of a new portal account. The request specifies the requested account identifier and the Mesh profile to be associated with the account.

   Inherits: MeshRequest

   Account: String (Optional) Account identifier requested.

3.7.2. Message: CreateResponse

   Inherits: MeshResponse

   Reports the success or failure of a Create transaction.

   [No fields]

3.8. Transaction: DeleteAccount

   Request: DeleteRequest

   Response: DeleteResponse

   Request deletion of a portal account.

   Deletes a portal account but not the underlying profile. Once registered, profiles are permanent.

3.8.1. Message: DeleteRequest

   Request deletion of an existing portal account. The request specifies the account identifier to be deleted.

   Inherits: MeshRequest

   Account: String (Optional) Account identifier to be deleted.

3.8.2. Message: DeleteResponse

   Inherits: MeshResponse

   Reports the success or failure of a Delete transaction.

   [No fields]
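   An added example, not code from the draft or the Mesh implementation, of a portal answering the ValidateAccount and CreateAccount transactions of 3.6 and 3.7. The name policy (length bounds, allowed character set, case folding) and the advisory treatment of Reserve are assumptions; the draft leaves them to the service. The point is the caveat of 3.6.2: Validate answers from a policy check and is only a snapshot, while Create repeats the check and consults the authoritative account list under a lock, so two clients that both received Valid cannot both create the account. Portal, NewPortal, checkPolicy and normalize are the example's own names.

```go
package main

import (
	"errors"
	"strings"
	"sync"
)

// ValidateRequest and ValidateResponse mirror 3.6.1 and 3.6.2.
type ValidateRequest struct {
	Account  string
	Reserve  bool
	Language []string
}

type ValidateResponse struct {
	Valid             bool
	Minimum, Maximum  int
	InvalidCharacters string
	Reason            string
}

// Name policy (assumption: the draft leaves it to the service).
const (
	minLen  = 3
	maxLen  = 32
	allowed = "abcdefghijklmnopqrstuvwxyz0123456789-_"
)

type Portal struct {
	mu       sync.Mutex
	accounts map[string]bool // authoritative list of created accounts
	reserved map[string]bool // advisory reservations (3.6.1 Reserve), no expiry here
}

func NewPortal() *Portal {
	return &Portal{accounts: map[string]bool{}, reserved: map[string]bool{}}
}

// normalize folds case so "Alice" and "alice" cannot both be created.
func normalize(name string) string { return strings.ToLower(strings.TrimSpace(name)) }

// checkPolicy applies the local policy. InvalidCharacters lists every illegal
// character that actually appears in the proposed name, as 3.6.2 asks.
func checkPolicy(name string) ValidateResponse {
	resp := ValidateResponse{Minimum: minLen, Maximum: maxLen}
	var bad []rune
	for _, r := range name {
		if !strings.ContainsRune(allowed, r) && !strings.ContainsRune(string(bad), r) {
			bad = append(bad, r)
		}
	}
	resp.InvalidCharacters = string(bad)
	switch n := len([]rune(name)); {
	case len(bad) > 0:
		resp.Reason = "account name contains characters the service does not accept"
	case n < minLen:
		resp.Reason = "account name is too short"
	case n > maxLen:
		resp.Reason = "account name is too long"
	default:
		resp.Valid = true
	}
	return resp
}

// Validate answers a ValidateRequest. A Valid answer is a snapshot, not a
// promise: Create repeats the check against the authoritative list.
func (p *Portal) Validate(req ValidateRequest) ValidateResponse {
	name := normalize(req.Account)
	resp := checkPolicy(name)
	p.mu.Lock()
	defer p.mu.Unlock()
	if resp.Valid && (p.accounts[name] || p.reserved[name]) {
		resp.Valid, resp.Reason = false, "account name is already taken or reserved"
	} else if resp.Valid && req.Reserve {
		p.reserved[name] = true
	}
	return resp
}

// Create re-validates and then checks the authoritative account list under
// the lock, so two clients that both saw Valid cannot both succeed.
func (p *Portal) Create(account string) error {
	name := normalize(account)
	if resp := checkPolicy(name); !resp.Valid {
		return errors.New(resp.Reason)
	}
	p.mu.Lock()
	defer p.mu.Unlock()
	if p.accounts[name] {
		return errors.New("account already exists")
	}
	p.accounts[name] = true
	delete(p.reserved, name)
	return nil
}
```

   Reservations here only influence later Validate answers; Create still succeeds for whoever arrives first, which is the latitude 3.6.1 gives a service that does not honor reservations.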
3.9. Transaction: Get

   Request: GetRequest

   Response: GetResponse

   Search for data in the mesh that matches a set of properties described by a sequence of key/value pairs.

3.9.1. Message: GetRequest

   Describes the Portal or Mesh data to be retrieved.

   Inherits: MeshRequest

   Identifier: String (Optional) Lookup by profile ID.

   Account: String (Optional) Lookup by Account ID.

   KeyValues: KeyValue [0..Many] List of KeyValue pairs specifying the conditions to be met.

   SearchConstraints: SearchConstraints (Optional) Constrain the search to a specific time interval and/or limit the number and/or total size of data records returned.

   Multiple: Boolean (Optional) If true, return multiple responses if available.

   Full: Boolean (Optional) If true, the client requests that the full Mesh data record be returned, containing both the Mesh entry itself and the Mesh metadata that allows the date and time of publication of the Mesh entry to be verified.

3.9.2. Message: GetResponse

   Reports the success or failure of a Get transaction. If a Mesh entry matching the specified profile is found, contains the list of entries matching the request.

   Inherits: MeshResponse

   DataItems: DataItem [0..Many] List of mesh data records matching the request.

   PageKey: String (Optional) If non-null, indicates that the number and/or size of the data records returned exceeds either the SearchConstraints specified in the request or internal server limits.

3.10. Transaction: Publish

   Request: PublishRequest

   Response: PublishResponse

   Publish a profile or key escrow entry to the mesh.

3.10.1. Message: PublishRequest

   Requests publication of the specified Mesh entry.

   Inherits: MeshRequest

   [No fields]

3.10.2. Message: PublishResponse

   Reports the success or failure of a Publish transaction.

   Inherits: MeshResponse

   [No fields]

3.11. Transaction: Status

   Request: StatusRequest

   Response: StatusResponse

   Request the current status of the mesh as seen by the portal to which the request is directed.

   The response to the status request contains the last signed checkpoint and proof chains for each of the peer portals that have been checkpointed.

   [Not currently implemented]

3.11.1. Message: StatusRequest

   Inherits: MeshRequest

   Initiates a status transaction.

   [No fields]

3.11.2. Message: StatusResponse

   Reports the success or failure of a Status transaction.

   Inherits: MeshResponse

   LastWriteTime: DateTime (Optional) Time that the last write update was made to the Mesh.

   LastCheckpointTime: DateTime (Optional) Time that the last Mesh checkpoint was calculated.

   NextCheckpointTime: DateTime (Optional) Time at which the next Mesh checkpoint should be calculated.

   CheckpointValue: String (Optional) Last checkpoint value.

3.12. Transaction: ConnectStart

   Request: ConnectStartRequest

   Response: ConnectStartResponse

   Request connection of a new device to a mesh profile.

3.12.1. Message: ConnectStartRequest

   Inherits: MeshRequest

   Initial device connection request.

   SignedRequest: SignedConnectionRequest (Optional) Device connection request signed by the signature key of the device requesting connection.

   AccountID: String (Optional) Account identifier of the account to which the device is requesting connection.

3.12.2. Message: ConnectStartResponse

   Reports the success or failure of a ConnectStart transaction.

   Inherits: MeshResponse

   [No fields]

3.13. Transaction: ConnectStatus

   Request: ConnectStatusRequest

   Response: ConnectStatusResponse

   Request the status of a pending connection request of a new device to a mesh profile.

3.13.1. Message: ConnectStatusRequest

   Inherits: MeshRequest

   Request status information for a pending request posted previously.

   AccountID: String (Optional) Account identifier for which pending connection information is requested.

   DeviceID: String (Optional) Device identifier of the device requesting status information.

3.13.2. Message: ConnectStatusResponse

   Reports the success or failure of a ConnectStatus transaction.

   Inherits: MeshResponse

   Result: SignedConnectionResult (Optional) The signed ConnectionResult object.

3.14. Transaction: ConnectPending

   Request: ConnectPendingRequest

   Response: ConnectPendingResponse

   Request a list of pending requests for an administration profile.

3.14.1. Message: ConnectPendingRequest

   Inherits: MeshRequest

   Specify the criteria for pending requests.

   AccountID: String (Optional) The account identifier of the account for which pending connection requests are requested.

   SearchConstraints: SearchConstraints (Optional) Constrain the search to a specific time interval and/or limit the number and/or total size of data records returned.

3.14.2. Message: ConnectPendingResponse

   Reports the success or failure of a ConnectPending transaction.

   Inherits: MeshResponse

   Pending: SignedConnectionRequest [0..Many] A list of pending requests satisfying the criteria set out in the request.

   PageKey: String (Optional) If non-null, indicates that the number and/or size of the data records returned exceeds either the SearchConstraints specified in the request or internal server limits.

3.15. Transaction: ConnectComplete

   Request: ConnectCompleteRequest

   Response: ConnectCompleteResponse

   Post a response to a pending connection request.

3.15.1. Message: ConnectCompleteRequest

   Posts the administrator's decision on a pending connection request.

   Inherits: MeshRequest

   Result: SignedConnectionResult (Optional) The connection result to be posted to the portal. The result MUST be signed by a valid administration key for the Mesh profile.

   AccountID: String (Optional) The account identifier to which the connection result is posted.

3.15.2. Message: ConnectCompleteResponse

   Inherits: MeshResponse

   Reports the success or failure of a ConnectComplete transaction.

   [No fields]

3.16. Transaction: Transfer

   Request: TransferRequest

   Response: TransferResponse

   Perform a bulk transfer of the log between the specified transaction identifiers. Requires appropriate authorization.

   [Not currently implemented]

3.16.1. Message: TransferRequest

   Request a bulk transfer of the log between the specified transaction identifiers. Requires appropriate authorization.

   Inherits: MeshRequest

   SearchConstraints: SearchConstraints (Optional) Constrain the search to a specific time interval and/or limit the number and/or total size of data records returned.

3.16.2. Message: TransferResponse

   Inherits: MeshResponse

   Reports the success or failure of a Transfer transaction. If successful, contains the list of Mesh records to be transferred.

   DataItems: DataItem [0..Many] List of mesh data records matching the request.

   PageKey: String (Optional) If non-null, indicates that the number and/or size of the data records returned exceeds either the SearchConstraints specified in the request or internal server limits.

4. Assets

4.1. Data

4.2. Credentials

4.3. Reputation

4.3.1. Outbound Messaging Abuse ()

5. Risks

5.1. Confidentiality

   Confidentiality is a regulatory requirement (GDPR, HIPAA).

5.1.1. Privacy

   A stronger requirement: the data is given, but with restrictions on its use.

   Unintended use within an organization may put it in breach of those restrictions.

   GDPR

   HIPAA

5.2. Integrity

   Modification of data enables control breaches.

5.3. Availability

5.3.1. Data loss

   Loss of the pictures of the kids at 5.

5.3.2. Partial data survivability

   Where they buried Aunt Agatha's jewelry but not where they buried Aunt Agatha.

5.4. Inbound Messaging Abuse (Spam)

6. Threats

6.1. End point Compromise

7. Controls

7.1. Cryptographic

7.1.1. Triple lock

7.1.1.1. Transport Security

   Traffic analysis protection

7.1.1.2. Message Security

   Access control

   Authentication / Integrity

7.1.1.3. Data Level Security

   Data Confidentiality

   Non-Repudiation

7.1.2. Key Protection

   Use of platform-provided facilities to bind the private keys in the Device profile to the device is highly desirable. Ideally, private keys should be protected against extraction by hardware techniques presenting a high degree of resistance.

7.1.2.1. Windows

   Use encrypted key store

   Preferably use BitLocker

7.1.2.2. OSX

   Use the Keychain

7.1.2.3. iOS

   Use ???

7.1.2.4. Linux

   Use the D-Bus mechanism

7.1.2.5. Android

   Hope and prayers.

7.1.3. Key and Nonce Generation

   Use strong mechanisms as described in RFC???

   Use of key co-generation as described in part 8 is advised.

7.1.4. Key Escrow and Recovery

   Master profile keys should be escrowed.

   Escrow strategies for DARE should take account of the fact that users may want some but not all of their data assets to survive them.

7.1.5. Profile Verification

   Check that the device credential has been signed by an administration device and that the administration device was properly authorized by the master profile.

   The device catalog MUST be signed by the admin device.

   Future: provide protection against rollback attacks.

7.1.6. Identity Validation

   See the separate document on the trust model.
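   The device connection exchange (2.9.4 to 2.9.6 and 3.12 to 3.15) together with the profile verification check of 7.1.5, as an added example that is not code from the draft or the Mesh implementation. Assumptions: a minimal signed envelope (Signed) stands in for DareEnvelope; the master profile authorizes an administration key by signing it; Witness is a SHA-256 hash over the device key and the two nonces, since the draft does not define its derivation; the device's public key stands in for EnvelopedProfileDevice. The service adds the server nonce, the administrator signs the RespondConnection, and the connecting device accepts the result only if the signature verifies, the signer is an administration key signed by the master key, the CatalogedDevice rule of 2.9.6 holds, and the result names its own key and Witness.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Signed stands in for DareEnvelope (assumption): payload, signer key, signature.
type Signed struct {
	Payload []byte
	Signer  ed25519.PublicKey
	Sig     []byte
}

func Sign(priv ed25519.PrivateKey, v interface{}) Signed {
	b, _ := json.Marshal(v)
	return Signed{b, priv.Public().(ed25519.PublicKey), ed25519.Sign(priv, b)}
}

func (s Signed) Valid() bool { return ed25519.Verify(s.Signer, s.Payload, s.Sig) }

func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return pub, priv
}

// MasterProfile.Admins holds administration public keys, each signed by the
// master key (assumption about how the master profile authorizes an admin).
type MasterProfile struct {
	Master ed25519.PublicKey
	Admins []Signed
}

// Authorizes is the second half of 7.1.5: the admin key is signed by the master key.
func (m MasterProfile) Authorizes(admin ed25519.PublicKey) bool {
	for _, a := range m.Admins {
		var k ed25519.PublicKey
		if a.Valid() && bytes.Equal(a.Signer, m.Master) &&
			json.Unmarshal(a.Payload, &k) == nil && bytes.Equal(k, admin) {
			return true
		}
	}
	return false
}

type (
	RequestConnection     struct{ DeviceKey ed25519.PublicKey; ClientNonce []byte }                // 2.9.4
	AcknowledgeConnection struct{ Request RequestConnection; ServerNonce []byte; Witness string } // 2.9.5
	CatalogedDevice       struct{ DeviceKey ed25519.PublicKey; Witness string }
	RespondConnection     struct{ Result string; CatalogedDevice *CatalogedDevice `json:",omitempty"` } // 2.9.6
)

// Witness binds the device key to both nonces so neither side picks the value
// alone (assumption; inputs are fixed-length here, length-prefix them if not).
func Witness(r RequestConnection, serverNonce []byte) string {
	return fmt.Sprintf("%x", sha256.Sum256(bytes.Join([][]byte{r.DeviceKey, r.ClientNonce, serverNonce}, nil)))
}

// Acknowledge is the service's step (2.9.5): add a fresh server nonce.
func Acknowledge(r RequestConnection) AcknowledgeConnection {
	nonce := make([]byte, 16)
	rand.Read(nonce)
	return AcknowledgeConnection{r, nonce, Witness(r, nonce)}
}

// Respond is the administrator's step: signed with the admin key (3.15.1),
// CatalogedDevice present only on Accept (2.9.6).
func Respond(admin ed25519.PrivateKey, ack AcknowledgeConnection, accept bool) Signed {
	resp := RespondConnection{Result: "Reject"}
	if accept {
		resp.Result = "Accept"
		resp.CatalogedDevice = &CatalogedDevice{ack.Request.DeviceKey, ack.Witness}
	}
	return Sign(admin, resp)
}

// VerifyRespondConnection is the device's step: the 7.1.5 chain check, the
// 2.9.6 field rule, and that the result is for this very request.
func VerifyRespondConnection(m MasterProfile, ack AcknowledgeConnection, env Signed) (RespondConnection, error) {
	var resp RespondConnection
	if !env.Valid() || !m.Authorizes(env.Signer) {
		return resp, errors.New("not signed by an administration key authorized by the master profile")
	}
	if err := json.Unmarshal(env.Payload, &resp); err != nil {
		return resp, err
	}
	accept := resp.Result == "Accept"
	switch {
	case accept && resp.CatalogedDevice == nil:
		return resp, errors.New("Accept without CatalogedDevice")
	case !accept && resp.CatalogedDevice != nil:
		return resp, errors.New("CatalogedDevice present on a non-Accept result")
	case accept && (resp.CatalogedDevice.Witness != ack.Witness || !bytes.Equal(resp.CatalogedDevice.DeviceKey, ack.Request.DeviceKey)):
		return resp, errors.New("result is not for this connection request")
	}
	return resp, nil
}
```

   The device-side check refuses a result signed by a key the master profile has not authorized, an Accept without CatalogedDevice, a Reject or Pending that carries one, and a result minted for a different acknowledgement of the same request (a different ServerNonce, hence a different Witness). Checking the admin key's own authorization, rather than just the signature on the result, is what stops a compromised service from admitting a device with a key of its own choosing.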
7.1.7. Trust Broker Accountability

   Certificate Transparency type techniques.

7.2. Mesh Messaging

7.2.1. Ingress Control

   Every message is subject to access control.

   Mesh Services should perform abuse filtering on inbound mail.

   Mesh Services MUST apply user-specified ingress control as specified in their contacts catalog.

7.2.2. Egress Control

   Some applications may require egress control, for example classified environments.

   Mail too stupid to send.

7.2.3. Security Signal

   Confirmation messages requiring payments.

   Need accountability.

   Need to know the source of the accountability assertions.

   Should be distinguished from the sender-controlled part of a message.

7.2.3.1. Brand

   If messages are being sent on behalf of a corporate entity, this should be signaled to both sender and receiver.

   Sender: remind them that they are speaking on behalf of another party.

   Receiver: establish who is speaking by the familiar technique.

7.2.4. Accountability

   Authentication and consequences.

8. Security Considerations

   This document comprises the security considerations for the use and implementation of the Mathematical Mesh.

8.1. Integrity

8.1.1. DNS Spoofing

8.1.2. TLS Downgrade

8.1.3. TLS Service Impersonation

8.1.4. Request Replay Attack

8.1.5. Response Replay Attack

8.2. Confidentiality

8.2.1. Side Channel Attack

8.2.2. Session Key Leakage

9. IANA Considerations

   All the IANA considerations for the Mesh documents are specified in this document.

10. Acknowledgements

   A list of people who have contributed to the design of the Mesh is presented in [draft-hallambaker-mesh-architecture].

11. Normative References

   [draft-hallambaker-mesh-architecture]
              Hallam-Baker, P., "Mathematical Mesh 3.0 Part I: Architecture Guide", Work in Progress, Internet-Draft, draft-hallambaker-mesh-architecture-12, 16 January 2020.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.

12. Informative References

   [draft-hallambaker-mesh-developer]
              Hallam-Baker, P., "Mathematical Mesh: Reference Implementation", Work in Progress, Internet-Draft, draft-hallambaker-mesh-developer-09, 23 October 2019.