[Cryptography] Mathmesh mailing list

Phillip Hallam-Baker phill at hallambaker.com
Tue Aug 13 11:12:14 EDT 2019


The IETF has started a discussion list for the Mathematical Mesh in
preparation for a Working Group forming BOF at the Singapore meeting in
November.

We should get started on the discussions later today. People here might
want to subscribe ahead of time.

mathmesh at ietf.org

Subscription page:

https://www.ietf.org/mailman/listinfo/mathmesh

The Mesh is two separate things at this point:

1) A protocol that makes it easy to manage private keys (and other
application configuration data) across a user's devices.

2) The cryptographic platform that was originally designed to support (1)
but can be used to build applications in its own right. These technologies
include:

*UDF*
A generalized fingerprint format allowing digest values, cryptographic
keys, keyshares and nonces to be represented in compact (BASE 32) form.

*Data At Rest Envelope (DARE)*

A PKCS#7 type format for use with JSON signature and encryption and an
append only log format that supports BlockChain type integrity checks and
incremental encryption.

*Personal Mesh*

A JSON based client-side PKI. This has many of the features of SAML and
PKIX but is designed to support management of trust relationships and keys
from the point of view of the end-user.

*Mesh Account*

An extension of a Personal Mesh that represents a particular external
persona (e.g. personal, business use).

*Mesh Service*

An untrusted cloud based service protocol that supports a messaging
infrastructure used to manage a personal Mesh.

*Meta Cryptography*

The Mesh makes use of a number of key splitting and key combining
techniques that are made possible by the features of Diffie Hellman and its
EC variants.


A key innovation in the Mesh is that unlike in traditional Internet
protocols where an account is created by and belongs to a service provider,
Mesh accounts are created by Mesh users and ultimately controlled by a
private key held by the user. Thus while Alice may begin by creating a
personal account and binding it to alice at example.com for service, she can
change her mind at any time and change her service provider to example.net.
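
The key splitting and key combining mentioned under Meta Cryptography rest on Diffie-Hellman exponents being additive. The sketch below is an added illustration, not code from the Mesh or its specifications; the toy group parameters `P`, `Q`, `G` and all function names are constructed for this example.

```python
import secrets

# Constructed toy group, illustration only: P = 2Q + 1 with P and Q prime,
# and G = 4 generates the subgroup of prime order Q. Real deployments use a
# standardized 2048-bit or larger group, or an elliptic curve.
P, Q, G = 2039, 1019, 4

def keygen():
    """Return (private, public) with private in [1, Q-1]."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def split_private(x, n=2):
    """Split x into n additive shares mod Q; every share is needed to rebuild x."""
    shares = [secrets.randbelow(Q) for _ in range(n - 1)]
    shares.append((x - sum(shares)) % Q)
    return shares

def partial_agreement(share, peer_public):
    """One share holder's contribution to the agreement; x is never assembled."""
    return pow(peer_public, share, P)

def combine_partials(partials):
    """Multiply the partial results to obtain the full shared secret."""
    out = 1
    for part in partials:
        out = out * part % P
    return out

def combine_public(publics):
    """Key combining: the product of public keys is the public key of the
    sum of the corresponding private keys."""
    return combine_partials(publics)

def demo():
    alice_priv, alice_pub = keygen()
    bob_priv, bob_pub = keygen()
    expected = pow(alice_pub, bob_priv, P)  # what Bob derives on his side

    # Key splitting: two holders (say a device and a service) each use one share.
    shares = split_private(alice_priv)
    partials = [partial_agreement(s, bob_pub) for s in shares]
    split_ok = combine_partials(partials) == expected

    # Key combining: two contributors, neither chooses the final key alone.
    (a, pub_a), (b, pub_b) = keygen(), keygen()
    combine_ok = combine_public([pub_a, pub_b]) == pow(G, (a + b) % Q, P)
    return split_ok, combine_ok
```
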