anastasis

Credential backup and recovery protocol and service
Log | Files | Refs | Submodules | README | LICENSE
commit d38138b69c2f46c0a1fdf6d5971cc2ae0a9447dd
parent aab474bed915172f40c161818e65091158d3e410
Author: Florian Dold <florian@dold.me>
Date:   Thu, 21 Oct 2021 08:25:19 +0200

get rid of policy download signature, explain upload signature better

Diffstat:

Mdoc/sphinx/cryptography.rst | 19+++----------------


Mdoc/sphinx/rest.rst | 1-


2 files changed, 3 insertions(+), 17 deletions(-)

diff --git a/doc/sphinx/cryptography.rst b/doc/sphinx/cryptography.rst
@@ -233,7 +233,9 @@ Signatures
 ----------
 
 The EdDSA keys are used to sign the data sent from the client to the
-server. Everything the client sends to server is signed. The following
+server. This signature ensures that an adversary that observes the upload is not
+able to upload a new version of the policy without knowing the user's identity attributes.
+The signature is made over a hash of the request body. The following
 algorithm is equivalent for **Anastasis-Policy-Signature**.
 
 .. code-block:: none
@@ -248,21 +250,6 @@ algorithm is equivalent for **Anastasis-Policy-Signature**.
 **ver_res**: A boolean value. True: Signature verification passed, False: Signature verification failed.
 
 
-When requesting policy downloads, the client must also provide a signature:
-
-.. code-block:: none
-
-    (anastasis-account-signature) := eddsa_sign(version, eddsa_priv)
-    ver_res := eddsa_verifiy(version, anastasis-account-signature, eddsa_pub)
-
-**anastasis-account-signature**: Signature over the SHA-512 hash of the body using the purpose code ``TALER_SIGNATURE_ANASTASIS_POLICY_DOWNLOAD`` (1401) (see GNUnet EdDSA signature API for the use of purpose).
-
-**version**: The version requested as a 64-bit integer, 2^64-1 for the "latest version".
-
-**ver_res**: A boolean value. True: Signature verification passed, False: Signature verification failed.
-
-
-
 Availability Considerations
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
diff --git a/doc/sphinx/rest.rst b/doc/sphinx/rest.rst
@@ -187,7 +187,6 @@ In the following, UUID is always defined and used according to `RFC 4122`_.
   *If-None-Match*: If this is not the very first request of the client, this contains the Etag-value which the client has received before from the server.
   The client SHOULD send this header with every request (except for the first request) to avoid unnecessary downloads.
 
-  *Anastasis-Account-Signature*: The client must provide Base-32 encoded EdDSA signature over hash of body with ``$ACCOUNT_PRIV``, affirming desire to download the requested encrypted recovery document.  The purpose used MUST be ``TALER_SIGNATURE_ANASTASIS_POLICY_DOWNLOAD`` (1401).
 
 .. http:post:: /policy/$ACCOUNT_PUB