Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

addressing: Specify security protocols in multiaddr #353

Open
wants to merge 13 commits into
base: master
Choose a base branch
from
Open
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 27 additions & 0 deletions addressing/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,33 @@ within it. Using our example above, decapsulating either `/tcp/1234/ws` _or_
unsurprising if you consider the utility of the `/ip4/7.7.7.7/ws` address that
would result from simply removing the `tcp` component.

### The security multiaddr
marten-seemann marked this conversation as resolved.
Show resolved Hide resolved

Peers MAY advertise their addresses without the security protocol, e.g.
marten-seemann marked this conversation as resolved.
Show resolved Hide resolved
`/ip4/6.6.6.6/tcp/1234/` or `/ip4/6.6.6.6/udp/1234/quic`. The security handshake
protocol is then negotiated using the [multistream](../multistream.md). This is
marten-seemann marked this conversation as resolved.
Show resolved Hide resolved
the way the libp2p handshake worked until mid 2021.
This poses a security problem, as the negotiation was not authenticated and
therefore susceptible to man-in-the-middle attacks. A MITM could modify the list
of supported handshake protocols, thereby forcing a downgrade to a (potentially)
less secure handshake protocol. Note that since QUIC is standardized to use
TLS 1.3, no handshake protocol needs to be negotiated when using QUIC.

Peers SHOULD encapsulate the security protocol in the addresses they advertise,
mxinden marked this conversation as resolved.
Show resolved Hide resolved
for example `/ip4/6.6.6.6/tcp/1234/tls` for a TLS 1.3 server listening on TCP
port 1234 and `/ip4/6.6.6.6/tcp/1235/noise` for a Noise server listening on TCP
port 1235. QUIC multiaddrs remain unchanged.
mxinden marked this conversation as resolved.
Show resolved Hide resolved
The nodes jump straight into a cryptographic handshake, thus curtailing the
possibility of packet-inspection-based censorship and dynamic downgrade attacks.
This also applies to circuit addresses: the security protocol is encoded in the
`<destination address>` as defined in [`p2p-circuit` Relay Addresses](#p2p-circuit-relay-addresses).

marten-seemann marked this conversation as resolved.
Show resolved Hide resolved
Implementations using [Protocol Select](https://github.com/libp2p/specs/pull/349/)
(**TODO**: update link) MUST encapsulate the security protocol in the multiaddr.
Note that it’s valid to assume that any node that encapsulated the security
protocol in their multiaddr also supports Protocol Select.
marten-seemann marked this conversation as resolved.
Show resolved Hide resolved


### The p2p multiaddr

libp2p defines the `p2p` multiaddr protocol, whose address component is the
Expand Down