Skip to content
This repository has been archived by the owner on Sep 20, 2023. It is now read-only.

Messaging: Shared Key Expiration #1762

Open
micahalcorn opened this issue Sep 7, 2018 · 0 comments
Open

Messaging: Shared Key Expiration #1762

micahalcorn opened this issue Sep 7, 2018 · 0 comments
Labels
javascript messaging P4 Something to consider, a feature request that we may not pursue security

Comments

@micahalcorn
Copy link
Member

In order to support arbitration, we enable users to send their shared keys to arbitrators for message auditing. We need to handle expiration of those keys so that arbitrators cannot continue to eavesdrop on conversations that may arise involving the same participants. We need to also define the circumstances under which the key should expire. Should it happen automatically after the dispute is resolved? Should the participants explicitly revoke the arbitrator's access? Should a new shared key be generated each time one is sent to an arbitrator, effectively limiting the scope of the arbitrator's access to only messages that were sent prior to the grantor's explicit action?

😅 This is not a v1 priority. cc @wanderingstan
@micahalcorn micahalcorn transferred this issue from OriginProtocol/origin-js Mar 20, 2019
@micahalcorn micahalcorn added the P4 Something to consider, a feature request that we may not pursue label Apr 11, 2019
@micahalcorn micahalcorn mentioned this issue May 28, 2019
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
javascript messaging P4 Something to consider, a feature request that we may not pursue security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@micahalcorn