Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Discussion: Security profile of DSNP #262

Open
wesbiggs opened this issue Nov 9, 2023 · 1 comment
Open

Discussion: Security profile of DSNP #262

wesbiggs opened this issue Nov 9, 2023 · 1 comment

Comments

@wesbiggs
Copy link
Member

wesbiggs commented Nov 9, 2023

It was been suggested that we incorporate some level-setting remarks on privacy and security into the specification.

  • What is the purpose of encryption in DSNP?
  • How does or doesn't this compare to end-to-end encryption in protocols like Signal?
  • What levels of privacy can/can't DSNP ensure? What could well funded state actors do now and in the future?
  • How can the specification anticipate a potential post-quantum cryptography environment?
  • What are the privacy and security implications of DSNP's delegation model?
  • What are the privacy and security implications of key sharing with providers?

@shannonwells feel free to add/edit.
@shannonwells
Copy link
Collaborator

I think this is pretty good; I propose "acceptance criteria" for any resulting changes be documentation that is fairly easy to understand if you are new to DSNP. It may need to include glossary items or links to definitions of various security terms. There might be also a tl;dr, "plain language" section for this purpose.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@shannonwells @wesbiggs