reorder
This commit is contained in:
parent
fbee3a6cfc
commit
3f2328622c
30
src/tapir.md
30
src/tapir.md
|
@ -98,20 +98,6 @@ we expect it to be protected via a preceeding app in an `ApplicationChain` e.g.
|
|||
|
||||
* No direct testing (tested via integration tests and unit tests)
|
||||
|
||||
### Ephemeral Connections
|
||||
|
||||
Occasionally it is desirable to have a peer connect to a service
|
||||
without using their long term identity (e.g. in the case of connecting to
|
||||
a Cwtch Server).
|
||||
|
||||
In this case we want to enable a convenient way to allow connecting with an
|
||||
**ephemeral identity**.
|
||||
|
||||
It turns out that doing this securely requires maintaining a completely separate
|
||||
set of connections and applications in order to avoid side channels caused by duplicate connections handling.
|
||||
|
||||
As such the Cwtch Protocol Engine maintains two disctinct connection pools, one for avowed connections and another
|
||||
for ephemeral connections. All connections to known Cwtch Servers are made through the ephemeral pool.
|
||||
|
||||
## Known Risks
|
||||
|
||||
|
@ -165,6 +151,22 @@ handling of such instances (such as returning an error when they are found
|
|||
allowing a handling application to retry the request if a connection with a
|
||||
given capability isn't returned)
|
||||
|
||||
### Ephemeral Connections
|
||||
|
||||
Occasionally it is desirable to have a peer connect to a service
|
||||
without using their long term identity (e.g. in the case of connecting to
|
||||
a Cwtch Server).
|
||||
|
||||
In this case we want to enable a convenient way to allow connecting with an
|
||||
**ephemeral identity**.
|
||||
|
||||
It turns out that doing this securely requires maintaining a completely separate
|
||||
set of connections and applications in order to avoid side channels caused by duplicate connections handling.
|
||||
|
||||
As such the Cwtch Protocol Engine maintains two disctinct connection pools, one for avowed connections and another
|
||||
for ephemeral connections. All connections to known Cwtch Servers are made through the ephemeral pool.
|
||||
|
||||
|
||||
## Testing Status
|
||||
|
||||
Tapir features a number of well-defined integration tests which exercise not
|
||||
|
|
Loading…
Reference in New Issue