Update 'src/tapir.md'
A few spelling fixes and comments where I got lost
parent
1fe97ca482
commit
cd458777f7
12
src/tapir.md
|
@ -5,7 +5,7 @@ framework for building anonymous applications.
|
|||
|
||||
It is divided into a number of layers:
|
||||
|
||||
* Identity - An ed25519 keypair, required for established a Tor v3 onion service
|
||||
* Identity - An ed25519 keypair, required to establish a Tor v3 onion service
|
||||
and used to maintain a consistent cryptographic identity for a peer.
|
||||
* Connections - The raw networking protocol that connects two peers. Connections
|
||||
are so far only defined over Tor v3 Onion Services (see: [connectivity](./connectivity.md))
|
||||
|
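Review bot: The corrected Identity bullet writes "Tor v3 onion service" in lower case, while the Connections bullet just below it writes "Tor v3 Onion Services". Since this commit is a wording cleanup, pick one capitalisation and use it in both bullets.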
@ -23,7 +23,7 @@ application.
|
|||
|
||||
### Identity
|
||||
|
||||
An ed25519 keypair, required for established a Tor v3 onion service
|
||||
An ed25519 keypair, required to establish a Tor v3 onion service
|
||||
and used to maintain a consistent cryptographic identity for a peer.
|
||||
|
||||
* InitializeIdentity - from a known, persistent keypair: \\(i,I\\)
|
||||
|
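Review bot: The sentence corrected under "### Identity" is word for word the Identity bullet corrected in the first hunk, so the same typo had to be fixed in two places. Consider having this section expand on the bullet, or refer back to it, rather than repeat it, so the two copies cannot drift apart.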
@ -100,17 +100,19 @@ we expect it to be protected via a preceeding app in an `ApplicationChain` e.g.
|
|||
|
||||
### Ephemeral Connections
|
||||
|
||||
Occasionally it is desirable to have a peer conenct to another / a service
|
||||
Occasionally it is desirable to have a peer connect to another / a service
|
||||
without using their long term identity (e.g. in the case of connecting to
|
||||
a Cwtch Server).
|
||||
|
||||
In this case we want to enable a convenient way to allow connecting with an
|
||||
ephemeral identity.
|
||||
|
||||
<!-- This is confusing "avoid side channel around avoid
|
||||
duplicate connections" -->
|
||||
It turns out that doing this securely requires maintaining a completely separate
|
||||
set of connections and applications in order to avoid side channel around avoid
|
||||
duplicate connections (i.e. if we did mix them up then a service might be able
|
||||
to exploit the fact that clients avid duplicate connections by attempting to
|
||||
to exploit the fact that clients avoid duplicate connections by attempting to
|
||||
connect to known-online peers and observing if they reject the connection
|
||||
because they already have an outbound ephemeral connection open.)
|
||||
|
||||
|
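Review bot: The sentence "in order to avoid side channel around avoid duplicate connections" stays unchanged and only gains a hidden HTML comment calling it confusing, so readers of the rendered page still get the unclear wording on a security-relevant point. Suggest rewording it in this change, for example "in order to avoid a side channel arising from duplicate-connection avoidance", and dropping the comment. The context in the hunk header also still reads "preceeding", which a spelling pass could pick up.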
@ -125,7 +127,7 @@ recommend that peers maintain one long term service and multiple ephemeral
|
|||
**Status: Mitigated**
|
||||
|
||||
By default, tor v3 onion services only provide one-way authentication, that
|
||||
is the client can verify a metadata resistant connection to the server by the
|
||||
is the client can verify a metadata resistant connection to the server but the
|
||||
server obtained no information about the client.
|
||||
|
||||
Tapir provides a peer-to-peer interface over this client-server structure
|
||||
|
|
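Review bot: In the corrected sentence, "server obtained no information about the client" is still in the past tense while the rest of the sentence is in the present ("provide", "can verify"); change it to "obtains". The same paragraph opens with lower-case "tor" where the other hunks write "Tor", and "that is the client" would read better as "that is, the client".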