Network Working Group P. Hallam-Baker
Internet-Draft Comodo Group Inc.
Intended status: Informational September 18, 2017
Expires: March 22, 2018

Mathematical Mesh: Reference
draft-hallambaker-mesh-reference-07

Abstract

The Mathematical Mesh ?The Mesh? is an end-to-end secure infrastructure that facilitates the exchange of configuration and credential data between multiple user devices. The core protocols of the Mesh are described with examples of common use cases and reference data.

This document is also available online at http://prismproof.org/Documents/draft-hallambaker-mesh-reference.html .

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on March 22, 2018.

Copyright Notice

Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Introduction

NB: The reference material in this document is generated from the schema used to derive the source code. The tool used to create this material has not been optimized to produce output for the IETF documentation format at this time. Consequently, the formatting is currently sub-optimal.

2. Definitions

This section presents the related specifications and standard, the terms that are used as terms of art within the documents and the terms used as requirements language.

2.1. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] .

2.2. Defined Terms

The terms of art used in this document are described in the Mesh Architecture Guide [draft-hallambaker-mesh-architecture] .

2.3. Related Specifications

The architecture of the Mathematical Mesh is described in the Mesh Architecture Guide [draft-hallambaker-mesh-architecture] . The Mesh documentation set and related specifications are described in this document.

2.4. Implementation Status

The implementation status of the reference code base is described in the companion document [draft-hallambaker-mesh-developer] .

3. Protocol Overview

[Account request does not specify the portal in the request body, only the HTTP package includes this information. This is probably a bug.]

3.1. Creating a new portal account

A user interacts with a Mesh service through a Mesh portal provider with which she establishes a portal account.

For user convenience, a portal account identifier has the familiar <username>@<domain> format established in [~RFC822].

For example Alice selects example.com as her portal provider and chooses the account name alice. Her portal account identifier is alice.

A user MAY establish accounts with multiple portal providers and/or change their portal provider at any time they choose.

3.1.1. Checking Account Identifier for uniqueness

The first step in creating a new account is to check to see if the chosen account identifier is available. This allows a client to validate user input and if necessary warn the user that they need to choose a new account identifier when the data is first entered.

The ValidateRequest message contains the requested account identifier and an optional language parameter to allow the service to provide informative error messages in a language the user understands. The Language field contains a list of ISO language identifier codes in order of preference, most preferred first. 

POST /.well-known/mmm/HTTP/1.1
Host: example.com
Content-Length: 90

{
  "ValidateRequest": {
    "Account": "test@prismproof.org",
    "Language": ["en-uk"]}}

Figure 1

The ValidateResponse message returns the result of the validation request in the Valid field. Note that even if the value true is returned, a subsequent account creation request MAY still fail. 

HTTP/1.1 200 OK
Date: Mon 18 Sep 2017 05:07:25
Content-Length: 190

{
  "ValidateResponse": {
    "Status": 201,
    "StatusDescription": "Operation completed successfully",
    "Valid": true,
    "Minimum": 1,
    "InvalidCharacters": ".,:;{}()[]<>?|\\@#"}}

Figure 2

[Note that for the sake of concise presentation, the HTTP binding information is omitted from future examples.]

3.2. Creating a new user profile

The first step in creating a new personal profile is to create a Master Profile object. This contains the long term Master Signing Key that will remain constant for the life of the profile, at least one Online Signature Key to be used for administering the personal profile and (optionally), one or more master escrow keys.

For convenience, the descriptions of the Master Signing Key, Online Signing Keys and Escrow Keys typically include PKIX certificates signed by the Master Signing Key. This allows PKIX based applications to make use of PKIX certificate chains to express the same trust relationships described in the Mesh. 

{
  "MasterProfile": {
    "Identifier": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
    "MasterSignatureKey": {
      "UDF": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
      "X509Certificate": "
MIIFXDCCBESgAwIBAgIQcL7ySTJG8wNHO591_XBcPzANBgkqhkiG9w0BAQ0FADAu
MSwwKgYDVQQDFiNNQzJUNy1KTkNJNS1ZTUFXNC0zWEhZTS1TQkdKTi1VTUY0QzAe
...
V3vWAmk5gx_bslvn62cX7-nXYHgNPhVzgsGZzyQ7xoQ"
,
      "PublicParameters": {
        "PublicKeyRSA": {
          "kid": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
          "n": "
0stVVlOfh0EjLAxxjUA3QqBf_YPgr_KpuwoeD0RFjhSGwVV-Sg1iXfW3vnzh9G45
VH0zf73WzlioIyzAKn_SX8K4VwqP0ruvRxh7tUjx6s9-eqTF_QLoGVy_yiGohjAh
TomN4RHKNzU6aXhAgQijFVDNhr72iSMxcQbR6-w2fowMhRWvuozgkWjEf87kaaU3
_D_4J3STB0Q_q8YmvHQzkcK9J44b0N3ElEGrpa_yztR2sDgZKF33wLoJIQqxnfKT
y2e5_zSkiitZVbdrrOBacf83tDayUnIqzi8tOObVl4PGmgAcDmsFXh5EyUlDDntW
7UoUvnXhO2vid80VNaKQBQ"
,
          "e": "
AQAB"
}}},
    "MasterEscrowKeys": [{
        "UDF": "MAL7U-IDBDI-R6BYF-SLY3J-MCTRX-HHTTG",
        "X509Certificate": "
MIIFXDCCBESgAwIBAgIQEG_YIz9AHtxBPygAWwXd1TANBgkqhkiG9w0BAQ0FADAu
MSwwKgYDVQQDFiNNQzJUNy1KTkNJNS1ZTUFXNC0zWEhZTS1TQkdKTi1VTUY0QzAe
...
pNfaAH5VutN_byCXIJcOO7RaG4_5Q1DJ9fg509R4YOA"
,
        "PublicParameters": {
          "PublicKeyRSA": {
            "kid": "MAL7U-IDBDI-R6BYF-SLY3J-MCTRX-HHTTG",
            "n": "
3pbzrDX60CicvkVauO18cilQgX49H_cABCw0kVTgR0m0bz7GX_cRXOEXRWrll6OA
ZJ3O_S5iWXT7ftschA_hHualfNtMCb1p3RmjpWKVNd24-Nk_V_miIej0xONCbWnc
LZW1uFLvHK4sj6LdlyVwri9NLzQF2rREXVtnQztl6HOpLEBbGGbYiXg1wyyfvCtt
aB1_YtMU5dvSupEGym1OLv5vj24Y7lY1CKQHWycSrwCoEVMsZvypqKftuwXZzY8f
4WTX3G1qZiU9Ay5OdUnTxoRhWUIWkC3wmRO5rNWhJvJv-3zU4ObKKAobz4qPBqbH
ddhkdoWZGBE9AGVXtuShXQ"
,
            "e": "
AQAB"
}}}],
    "OnlineSignatureKeys": [{
        "UDF": "MA7XV-ZOTDR-TXEDM-O2QP7-F7JTG-FGFFE",
        "X509Certificate": "
MIIFXTCCBEWgAwIBAgIRAI04UIvLHhp0RDWWNNAjKW0wDQYJKoZIhvcNAQENBQAw
LjEsMCoGA1UEAxYjTUMyVDctSk5DSTUtWU1BVzQtM1hIWU0tU0JHSk4tVU1GNEMw
...
-ACINNDOx-GsXY0-b8HsRzfdTHjW-r982VbEv06ZUz_E"
,
        "PublicParameters": {
          "PublicKeyRSA": {
            "kid": "MA7XV-ZOTDR-TXEDM-O2QP7-F7JTG-FGFFE",
            "n": "
z0GLRVQtom0B8eH-mYziccDixsLQeK8VUPENOb5jAF0QnOVITe1I-oq3wfotxxa6
_ehMLGUMPjSotKhEyjW7iFrkH9VCIPGMppqqU3sEWWzLvAAjdbOzAqTKWpjvXTfy
SDZO6f5pAcOQNVqoIE3lfrBfcB8wH_cciuhaxUp92E06FKyX5W76M7S2csGIaDPL
rDzJQFBNwuVLEOQ1CU3TlwNz99JL-jgBKCyt3cZBNM1yozJQDCiZMp6ffuR_bdcc
W8Y3sCzFIjd4Y4CskqjiYdij1lHcA_ppmAUKAbHwH5K3WVpVoXJGEg17GBAWtT1F
HyAvPtEnXvExYUEtcugaoQ"
,
            "e": "
AQAB"
}}}]}}

Figure 3

The Master Profile is always signed using the Master Signing Key: 

{
  "SignedMasterProfile": {
    "Identifier": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
    "SignedData": {
      "unprotected": {
        "dig": "S512"},
      "payload": "
ewogICJNYXN0ZXJQcm9maWxlIjogewogICAgIklkZW50aWZpZXIiOiAiTUMyVDct
Sk5DSTUtWU1BVzQtM1hIWU0tU0JHSk4tVU1GNEMiLAogICAgIk1hc3RlclNpZ25h
...
In19fV19fQ"
,
      "signatures": [{
          "header": {
            "kid": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C"},
          "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCmZVbDB3d3dHamZsSFNzdGVz
MjcwNG4tOVJMNURUTHdrSmYxdzJuQTh2SnFYNUFZSGpYMXNCcDlObTJhUl9zbHEK
QVZGbk5SRDl1dzRmbFJGQVF1NjlBdyJ9"
,
          "signature": "
Ij6qkuwdSEbllNnCh-Lbca9BwEBxOparME-tu0IDgJz9TwvAVLPSTyPnLA8oPxpU
YcSnHwWbj_1A3OMdYAfOZk6do4uNirrCc7l4meUvH8psl3t5avZtRzRu6LXkIuI9
myZzef2C3UvfIzdW3E26tzRHUKo3ytyHiurH_hbHkTAReLQA18DSsTv3qMtTcKgF
BovmL9BLLZlTT7qWt1mibEMJc4iG4RjkFnBResR6tB1Qq_cLYYLP1wB8H3LjBw5q
2KEXk-KZrXo1jBYnCed0qJX8axpI7fzLpCZIjMZJ_fz4gNXuNUaYpfqkiHFID41_
yruKcfxntvzVPQ3e8aVb0A"
}]}}}

Figure 4

Since the device used to create the personal profile is typically connected to the profile, a Device profile entry is created for it. This contains a Device Signing Key, a Device Encryption Key and a Device Authentication Key: 

{
  "JoseWebSignature": {
    "unprotected": {
      "dig": "S512"},
    "payload": "
ewogICJEZXZpY2VQcm9maWxlIjogewogICAgIklkZW50aWZpZXIiOiAiTUFVNjMt
WUJFSFQtRDJYUlYtUjJDRFQtRjMySFgtTEVXRFQiLAogICAgIk5hbWVzIjogWyJE
...
ZW9ESjNRIiwKICAgICAgICAgICJlIjogIgpBUUFCIn19fX19"
,
    "signatures": [{
        "header": {
          "kid": "MAU63-YBEHT-D2XRV-R2CDT-F32HX-LEWDT"},
        "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCm81TjhEQnpYbXAydlRZUGYy
cFdQN2dkdm9iZmpNNktsTEpFTjhyN3BsUGRPZjVQeHhVT3BvbEE2eWxTbnNXc0gK
dWVHSFJTNUdZLXFFWHhPcUhZSWZqUSJ9"
,
        "signature": "
MngvWlH1-_wpaiQ9vy9oYymY7HWY6lnyMqw9VvjAHyCOGK0la7WJTL74l4J5R1Ac
C3Hz2FH77gWraXksvEQICcUmfQA7L8RQ54yZ7Ns3VDutIjA6Mx6v-1LERCCUF3wJ
px85F7dgsS5NindawFAStOTnEq8zYHTi91tsKM0dGvELpXVuJqBA7DxK1qzLP21I
BhhCiiiB3zLMfMieBOZYlUshw8_bJi2cTpcpk4qf8ysAihZiCbVzRs6GKwxCY1qO
lCUkAqBwhALnNymGuhBNChwxGB0dJTtxtl_IghMqiJTdP2d1iQnBwQvu904kLTIQ
-nWESV29mAB_JaecLWSwBw"
}]}}

Figure 5

The Device Profile is signed using the Device Signing Key: 

{
  "SignedDeviceProfile": {
    "Identifier": "MAU63-YBEHT-D2XRV-R2CDT-F32HX-LEWDT",
    "SignedData": {
      "unprotected": {
        "dig": "S512"},
      "payload": "
ewogICJEZXZpY2VQcm9maWxlIjogewogICAgIklkZW50aWZpZXIiOiAiTUFVNjMt
WUJFSFQtRDJYUlYtUjJDRFQtRjMySFgtTEVXRFQiLAogICAgIk5hbWVzIjogWyJE
...
ZW9ESjNRIiwKICAgICAgICAgICJlIjogIgpBUUFCIn19fX19"
,
      "signatures": [{
          "header": {
            "kid": "MAU63-YBEHT-D2XRV-R2CDT-F32HX-LEWDT"},
          "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCm81TjhEQnpYbXAydlRZUGYy
cFdQN2dkdm9iZmpNNktsTEpFTjhyN3BsUGRPZjVQeHhVT3BvbEE2eWxTbnNXc0gK
dWVHSFJTNUdZLXFFWHhPcUhZSWZqUSJ9"
,
          "signature": "
MngvWlH1-_wpaiQ9vy9oYymY7HWY6lnyMqw9VvjAHyCOGK0la7WJTL74l4J5R1Ac
C3Hz2FH77gWraXksvEQICcUmfQA7L8RQ54yZ7Ns3VDutIjA6Mx6v-1LERCCUF3wJ
px85F7dgsS5NindawFAStOTnEq8zYHTi91tsKM0dGvELpXVuJqBA7DxK1qzLP21I
BhhCiiiB3zLMfMieBOZYlUshw8_bJi2cTpcpk4qf8ysAihZiCbVzRs6GKwxCY1qO
lCUkAqBwhALnNymGuhBNChwxGB0dJTtxtl_IghMqiJTdP2d1iQnBwQvu904kLTIQ
-nWESV29mAB_JaecLWSwBw"
}]}}}

Figure 6

A personal profile would typically contain at least one application when first created. For the sake of demonstration, we will do this later.

The personal profile thus consists of the master profile and the device profile: 

{
  "PersonalProfile": {
    "Identifier": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
    "SignedMasterProfile": {
      "Identifier": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
      "SignedData": {
        "unprotected": {
          "dig": "S512"},
        "payload": "
ewogICJNYXN0ZXJQcm9maWxlIjogewogICAgIklkZW50aWZpZXIiOiAiTUMyVDct
Sk5DSTUtWU1BVzQtM1hIWU0tU0JHSk4tVU1GNEMiLAogICAgIk1hc3RlclNpZ25h
...
In19fV19fQ"
,
        "signatures": [{
            "header": {
              "kid": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C"},
            "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCmZVbDB3d3dHamZsSFNzdGVz
MjcwNG4tOVJMNURUTHdrSmYxdzJuQTh2SnFYNUFZSGpYMXNCcDlObTJhUl9zbHEK
QVZGbk5SRDl1dzRmbFJGQVF1NjlBdyJ9"
,
            "signature": "
Ij6qkuwdSEbllNnCh-Lbca9BwEBxOparME-tu0IDgJz9TwvAVLPSTyPnLA8oPxpU
YcSnHwWbj_1A3OMdYAfOZk6do4uNirrCc7l4meUvH8psl3t5avZtRzRu6LXkIuI9
myZzef2C3UvfIzdW3E26tzRHUKo3ytyHiurH_hbHkTAReLQA18DSsTv3qMtTcKgF
BovmL9BLLZlTT7qWt1mibEMJc4iG4RjkFnBResR6tB1Qq_cLYYLP1wB8H3LjBw5q
2KEXk-KZrXo1jBYnCed0qJX8axpI7fzLpCZIjMZJ_fz4gNXuNUaYpfqkiHFID41_
yruKcfxntvzVPQ3e8aVb0A"
}]}},
    "Devices": [{
        "Identifier": "MAU63-YBEHT-D2XRV-R2CDT-F32HX-LEWDT",
        "SignedData": {
          "unprotected": {
            "dig": "S512"},
          "payload": "
ewogICJEZXZpY2VQcm9maWxlIjogewogICAgIklkZW50aWZpZXIiOiAiTUFVNjMt
WUJFSFQtRDJYUlYtUjJDRFQtRjMySFgtTEVXRFQiLAogICAgIk5hbWVzIjogWyJE
...
ZW9ESjNRIiwKICAgICAgICAgICJlIjogIgpBUUFCIn19fX19"
,
          "signatures": [{
              "header": {
                "kid": "MAU63-YBEHT-D2XRV-R2CDT-F32HX-LEWDT"},
              "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCm81TjhEQnpYbXAydlRZUGYy
cFdQN2dkdm9iZmpNNktsTEpFTjhyN3BsUGRPZjVQeHhVT3BvbEE2eWxTbnNXc0gK
dWVHSFJTNUdZLXFFWHhPcUhZSWZqUSJ9"
,
              "signature": "
MngvWlH1-_wpaiQ9vy9oYymY7HWY6lnyMqw9VvjAHyCOGK0la7WJTL74l4J5R1Ac
C3Hz2FH77gWraXksvEQICcUmfQA7L8RQ54yZ7Ns3VDutIjA6Mx6v-1LERCCUF3wJ
px85F7dgsS5NindawFAStOTnEq8zYHTi91tsKM0dGvELpXVuJqBA7DxK1qzLP21I
BhhCiiiB3zLMfMieBOZYlUshw8_bJi2cTpcpk4qf8ysAihZiCbVzRs6GKwxCY1qO
lCUkAqBwhALnNymGuhBNChwxGB0dJTtxtl_IghMqiJTdP2d1iQnBwQvu904kLTIQ
-nWESV29mAB_JaecLWSwBw"
}]}}],
    "Applications": []}}

Figure 7

The personal profile is then signed using the Online Signing Key: 

{
  "SignedPersonalProfile": {
    "Identifier": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
    "SignedData": {
      "unprotected": {
        "dig": "S512"},
      "payload": "
ewogICJQZXJzb25hbFByb2ZpbGUiOiB7CiAgICAiSWRlbnRpZmllciI6ICJNQzJU
Ny1KTkNJNS1ZTUFXNC0zWEhZTS1TQkdKTi1VTUY0QyIsCiAgICAiU2lnbmVkTWFz
...
b25zIjogW119fQ"
,
      "signatures": [{
          "header": {
            "kid": "MA7XV-ZOTDR-TXEDM-O2QP7-F7JTG-FGFFE"},
          "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCnhHUlFPY21qdGtWbHhMdTFh
RTJjS1JKN2k4MWN0NmQ4MTZGSTZxRHVOS3RGbm9MYjRybDhoM2NvSS1neGI5aEMK
V3ExY3B6cU81SHJDMHRNdDlvRk1CQSJ9"
,
          "signature": "
D4lfCt5MEKb-1xB4KFC62ZWZaiHnOLgiQOxGhUkuhx-hGnP6XUkyMBjM2Xn2ggeW
HTo7aa-SoeA8pEvCsX1udicW7uRqJPxUf4_fC4LxVhJko9pWkPs2BnuBcTlYjzKL
QuAx8Uby34lk_f2260R6gx9smxEAFuq-hE3KpPWOfa0_wDZnJ2T_LljDoDdThpef
fXuWfX9ehO7jGEObOWOImLb9anLrciLNIkxDgjs_urcAdsmciMBODIn5OtaUbxiU
zzRaOlofB3PFCWEg8bnJ4g9CsMbmUC0TfKAwtyvto5aD0z_t5JmKCyjrpeg6PlkV
NjmUpXfqwSE_E8Zmwv5PsQ"
}]}}}

Figure 8

3.2.1. Publishing a new user profile

Once the signed personal profile is created, the client can finaly make the request for the service to create the account. The request object contains the requested account identifier and profile: 

{
  "CreateRequest": {
    "Account": "test@prismproof.org",
    "Profile": {
      "SignedPersonalProfile": {
        "Identifier": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
        "SignedData": {
          "unprotected": {
            "dig": "S512"},
          "payload": "
ewogICJQZXJzb25hbFByb2ZpbGUiOiB7CiAgICAiSWRlbnRpZmllciI6ICJNQzJU
Ny1KTkNJNS1ZTUFXNC0zWEhZTS1TQkdKTi1VTUY0QyIsCiAgICAiU2lnbmVkTWFz
...
b25zIjogW119fQ"
,
          "signatures": [{
              "header": {
                "kid": "MA7XV-ZOTDR-TXEDM-O2QP7-F7JTG-FGFFE"},
              "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCnhHUlFPY21qdGtWbHhMdTFh
RTJjS1JKN2k4MWN0NmQ4MTZGSTZxRHVOS3RGbm9MYjRybDhoM2NvSS1neGI5aEMK
V3ExY3B6cU81SHJDMHRNdDlvRk1CQSJ9"
,
              "signature": "
D4lfCt5MEKb-1xB4KFC62ZWZaiHnOLgiQOxGhUkuhx-hGnP6XUkyMBjM2Xn2ggeW
HTo7aa-SoeA8pEvCsX1udicW7uRqJPxUf4_fC4LxVhJko9pWkPs2BnuBcTlYjzKL
QuAx8Uby34lk_f2260R6gx9smxEAFuq-hE3KpPWOfa0_wDZnJ2T_LljDoDdThpef
fXuWfX9ehO7jGEObOWOImLb9anLrciLNIkxDgjs_urcAdsmciMBODIn5OtaUbxiU
zzRaOlofB3PFCWEg8bnJ4g9CsMbmUC0TfKAwtyvto5aD0z_t5JmKCyjrpeg6PlkV
NjmUpXfqwSE_E8Zmwv5PsQ"
}]}}}}}

Figure 9

The service reports the success (or failure) of the account creation request: 

{
  "CreateResponse": {
    "Status": 201,
    "StatusDescription": "Operation completed successfully"}}

Figure 10

3.3. Connecting a device profile to a user profile

Connecting a device to a profile requires the client on the new device to interact with a client on a device that has administration capabilities, i.e. it has access to an Online Signing Key. Since clients cannot interact directly with other clients, a service is required to mediate the connection. This service is provided by a Mesh portal provider.

All service transactions are initiated by the clients. First the connecting device posts ConnectStart, after which it may poll for the outcome of the connection request using ConnectStatus.

Periodically, the Administration Device polls for a list of pending connection requests using ConnectPending. After posting a request, the administration device posts the result using ConnectComplete: 

Connecting                  Mesh                 Administration
  Device                   Service                   Device

	|                         |                         |
	|      ConnectStart       |                         |
	| ----------------------> |                         |
	|                         |      ConnectPending     |
	|                         | <---------------------- |
	|                         |                         |
	|                         |      ConnectComplete    |
	|                         | <---------------------- |
	|      ConnectStatus      |                         |
	| ----------------------> |                         |

Figure 11

The first step in the process is for the client to generate a device profile. Ideally the device profile is bound to the device in a read-only fashion such that applications running on the device can make use of the deencryption and authentication keys but these private keys cannot be extracted from the device: 

{
  "DeviceProfile": {
    "Identifier": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
    "Names": ["Default"],
    "Description": "Unknown",
    "DeviceSignatureKey": {
      "UDF": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
      "PublicParameters": {
        "PublicKeyRSA": {
          "kid": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
          "n": "
zqnfQp2q3wV31KUAMuvMkLTZ29SfqKuIIeGKWhrTMDoMKoj_NKqBaSmXh5ggsl2_
9IkhaddFKwzJkYokxII5PQfPio9E8Kwp1roVOVhSRjVvQgIFTu43HNOL5EtO6ofN
iHbjtE8VhW4f827q_ViU3zfoRdyMRV_RYb8OV5bIFzWeKMjm8tYO_QbMZL5VYjJ_
w5exDxq_-3l8tXA84RggCDWWVg-zXkmfOYVyV0T5zW9vUe4SFQQHBWtBy2nVh1-i
zNDPdJwgixh7Ey8vB3Wd_QcxFmoLZeDrGOIqZ4bVwC3wQdwb26GV3jJH30sQ46pw
w5nSX-oCnKLFtBORIPOE2Q"
,
          "e": "
AQAB"
}}},
    "DeviceAuthenticationKey": {
      "UDF": "MAMIP-V4HJY-EV2VR-2TL6C-22VZU-QAZT4",
      "PublicParameters": {
        "PublicKeyRSA": {
          "kid": "MAMIP-V4HJY-EV2VR-2TL6C-22VZU-QAZT4",
          "n": "
2HzzkEgoaqLyEf7MsykSt8l9rVUEgjNc9QJSw6-_kzKrOmmJaHS0KUWUKGR6G-Ps
QvG6TBAnGYzwihwCz8OoTqvwIXQGeI_4Wg_jwSj5qMWXgb2bIskbnQxJBxNMmLU_
i7-EnuqYwwvy2DBKMz4p4-dJaiISPKZUXnrJQq6jotdMniAuVMWFMMif2Y3-DNGn
I7yBo3_KPmzqRID1EQJxWU0YffPo2bS8lcJTeiIQeViRtPpN7rEyvSVmoWirG_XY
LijjQnpZUdC_UZNTkdFkpZkJU-_IcWbegmEoxTbXgOdeGNy1SgEjNTUqUoiWKHk5
o__IzuqAkdXlrxRYsJu4iQ"
,
          "e": "
AQAB"
}}},
    "DeviceEncryptiontionKey": {
      "UDF": "MBZL4-6R2G4-3VA6V-XNMJS-B5ZAU-XZ4KZ",
      "PublicParameters": {
        "PublicKeyRSA": {
          "kid": "MBZL4-6R2G4-3VA6V-XNMJS-B5ZAU-XZ4KZ",
          "n": "
3PwWFh0nziWOWohD1dWQSjQHzS6MicVxnjOiyR0W5-_Xxz53R1phuEiU52o9epSx
vFVmYsf7_9qjKyESE19WUR6b-XeOhjnukV0V-7wRFvO5EAyr52WB49Kr3W5rQvGZ
ETGVVlL0ZtLo9FkDrqca0bcNK1yL8sg4wKBOxKe3Lt-f2W-WLGT0QkPHIfuafeci
WGVQSvFmtTTiK1L-Yfx9aqc8hxXFfOqVKnTHNIx9rYyQvw9XVQ6dSun-ljf8e1wP
Im7yriOyztMr0w6MHMASEDkdyqVRddUjyc_EJTdIHhHuoGkhjWfSnsMrfgDgyNe1
FDNY1xMja2Kol7ZSyWLuCQ"
,
          "e": "
AQAB"
}}}}}

Figure 12

The device profile is then signed: 

{
  "SignedDeviceProfile": {
    "Identifier": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
    "SignedData": {
      "unprotected": {
        "dig": "S512"},
      "payload": "
ewogICJEZXZpY2VQcm9maWxlIjogewogICAgIklkZW50aWZpZXIiOiAiTURWSUst
RzRQUUItU1RHTVYtMllQNEYtUlNHNDQtUlVSQ1EiLAogICAgIk5hbWVzIjogWyJE
...
ICAgICAgICAgImUiOiAiCkFRQUIifX19fX0"
,
      "signatures": [{
          "header": {
            "kid": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ"},
          "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCmRzLXpSNzV0TWtYTld4UG1X
RURBMU5jM3hUcGJhWWNDLWxCWFRUNXhNZDR0d2tMc1hsbXdlZ0N0bzVVTWFvem0K
U25KMFF1d2M2azBLSGh1ak9QNzJoZyJ9"
,
          "signature": "
K5kWHWdOOK-cCWg-QbEiKPpNG5hexBHFrJNFh14g_LoFsUZQ8Jsa8hc0wQqD7S8E
qA3i8EEjYj0V-jxeEHNQPObpocy98Sgx3iV55nIH3eX9ccvdWE7pcYIwJ2kx5WNa
n7RmmviaFB-I_7vZ-WG7Mdr9LF6nlSSLrGUG1rh8cY558QCpxt1Fvx1qXTG9Upf6
fTsHG0WyAEnWtTGqd8VqWysD7O24QFlPWOSHS3OwuHZ-aRyt0Wfl3GgtIt2kLXWg
Vn8jZpbZzDgbjKhK4AsyLWopVOT_Tbs7wNGMwCwdKjyb56rKXCBJ50MePeoRFH3J
xxsjlZrC8wMTbIRNOI7krg"
}]}}}

Figure 13

3.3.1. Profile Authentication

One of the main architecutral principles of the Mesh is bilateral authentication. Every device that is connected to a Mesh profile MUST authenticate the profile it is connecting to and every Mesh profile administrator MUST authenticate devices that are connected.

Having created the necessary profile, the device MUST verify that it is connecting to the correct Mesh profile. The best mechanism for achieving this purpose depends on the capabilities of the device being connected. The administration device obviously requires some means of communicating with the user to serve its function. But the device being connected may have a limited display capability or no user interaction capability at all.

3.3.1.1. Interactive Devices

If the device has user input and display capabilities, it can verify that it is connecting to the correct display by first requesting the user enter the portal account of the profile they wish to connect to, retreiving the profile associated with the device and displaying the profile fingerprint.

The client requests the profile for the requested account name: 

{
  "GetRequest": {
    "Account": "test@prismproof.org",
    "Multiple": false}}

Figure 14

The response contains the requested profile information. 

{
  "GetResponse": {
    "Status": 201,
    "StatusDescription": "Operation completed successfully",
    "Entries": [{
        "SignedPersonalProfile": {
          "Identifier": "MC2T7-JNCI5-YMAW4-3XHYM-SBGJN-UMF4C",
          "SignedData": {
            "unprotected": {
              "dig": "S512"},
            "payload": "
ewogICJQZXJzb25hbFByb2ZpbGUiOiB7CiAgICAiSWRlbnRpZmllciI6ICJNQzJU
Ny1KTkNJNS1ZTUFXNC0zWEhZTS1TQkdKTi1VTUY0QyIsCiAgICAiU2lnbmVkTWFz
...
b25zIjogW119fQ"
,
            "signatures": [{
                "header": {
                  "kid": "MA7XV-ZOTDR-TXEDM-O2QP7-F7JTG-FGFFE"},
                "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCnhHUlFPY21qdGtWbHhMdTFh
RTJjS1JKN2k4MWN0NmQ4MTZGSTZxRHVOS3RGbm9MYjRybDhoM2NvSS1neGI5aEMK
V3ExY3B6cU81SHJDMHRNdDlvRk1CQSJ9"
,
                "signature": "
D4lfCt5MEKb-1xB4KFC62ZWZaiHnOLgiQOxGhUkuhx-hGnP6XUkyMBjM2Xn2ggeW
HTo7aa-SoeA8pEvCsX1udicW7uRqJPxUf4_fC4LxVhJko9pWkPs2BnuBcTlYjzKL
QuAx8Uby34lk_f2260R6gx9smxEAFuq-hE3KpPWOfa0_wDZnJ2T_LljDoDdThpef
fXuWfX9ehO7jGEObOWOImLb9anLrciLNIkxDgjs_urcAdsmciMBODIn5OtaUbxiU
zzRaOlofB3PFCWEg8bnJ4g9CsMbmUC0TfKAwtyvto5aD0z_t5JmKCyjrpeg6PlkV
NjmUpXfqwSE_E8Zmwv5PsQ"
}]}}}]}}

Figure 15

Having received the profile data, the user can then verify that the device is attempting to connect to the correct profile by verifying that the fingerprint shown by the device attempting to connect is correct.

3.3.1.2. Constrained Interaction Devices

Connection of an Internet of Things 'IoT' device that does not have the ability to accept user input requires a mechanism by which the user can identify the device they wish to connect to their profile and a mechanism to authenticate the profile to the device.

If the connecting device has a wired communication capability such as a USB port, this MAY be used to effect the device connection using a standardized interaction profile. But an increasing number of constrained IoT devices are only capable of wireless communication.

Configuration of such devices for the purpose of the Mesh requires that we also consider configuration of the wireless networking capabilities at the same time. The precise mechanism by which this is achieved is therefore outside the scope of this particular document. However prototypes have been built and are being considered that make use of some or all of the following communication techniques:

3.3.2. Connection request

After the user verifies the device fingerprint as correct, the client posts a device connection request to the portal: 

{
  "ConnectStartRequest": {
    "SignedRequest": {
      "Identifier": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
      "SignedData": {
        "unprotected": {
          "dig": "S512"},
        "payload": "
ewogICJDb25uZWN0aW9uUmVxdWVzdCI6IHsKICAgICJQYXJlbnRVREYiOiAiTUMy
VDctSk5DSTUtWU1BVzQtM1hIWU0tU0JHSk4tVU1GNEMiLAogICAgIkRldmljZSI6
...
fX0sCiAgICAiRGV2aWNlRGF0YSI6IFtdfX0"
,
        "signatures": [{
            "header": {
              "kid": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ"},
            "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCmZ1T0h4N3BWM19lU2Q4UXh5
bUgyQWFoWDR0a3VFM0ZjSHNzeE1LdVFDTDd3THFYeXgtZi1TZmloa1dRS3RVckYK
VGRtcWZUTHRrMFAxS2tQZmZDbElnQSJ9"
,
            "signature": "
vsMjgztTeC9TK11ZSa8at7hlQbD51g0ImBypkGqwEvWOO6J7NSaR7kPtgukzIS75
Bii8coRZjSFBlieMWUj6pWp5Ge70wx7S8BBvqFol5YRqmqxnek9gPmxRWrPnPX8_
nBytoATRY-sztfA1teN4fkKAp5yJxV9tLqYDuZlmw6jPZ_OpRKWQ16IOpHPdut_q
8IAdAuaerVXpk4DN5sqSRUMdNdW27DXwk3Y8crdj2UNpbQIhpBCgZMA7Fn6elmDN
rPHpDgRjQf-qAqpIIU_AGmylUk4M8I1eeuvf_-U0jxDG0FDM_WBJ58RUL0yFP-oM
NH6SyZFFszHl--u1SHO3kA"
}]}},
    "AccountID": "test@prismproof.org"}}

Figure 16

The portal verifies that the request is accepable and returns the transaction result: 

{
  "ConnectStartResponse": {}}

Figure 17

3.3.3. Administrator Polls Pending Connections

The client can poll the portal for the status of pending requests at any time (modulo any service throttling restrictions at the service side). But the request status will only change when an update is posted by an administration device.

Since the user is typically connecting a device to their profile, the next step in connecting the device is to start the administration client. When started, the client polls for pending connection requests using ConnectPendingRequest. 

{
  "ConnectPendingRequest": {
    "AccountID": "test@prismproof.org"}}

Figure 18

The service responds with a list of pending requests: 

{
  "ConnectPendingResponse": {
    "Pending": [{
        "Identifier": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
        "SignedData": {
          "unprotected": {
            "dig": "S512"},
          "payload": "
ewogICJDb25uZWN0aW9uUmVxdWVzdCI6IHsKICAgICJQYXJlbnRVREYiOiAiTUMy
VDctSk5DSTUtWU1BVzQtM1hIWU0tU0JHSk4tVU1GNEMiLAogICAgIkRldmljZSI6
...
fX0sCiAgICAiRGV2aWNlRGF0YSI6IFtdfX0"
,
          "signatures": [{
              "header": {
                "kid": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ"},
              "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCmZ1T0h4N3BWM19lU2Q4UXh5
bUgyQWFoWDR0a3VFM0ZjSHNzeE1LdVFDTDd3THFYeXgtZi1TZmloa1dRS3RVckYK
VGRtcWZUTHRrMFAxS2tQZmZDbElnQSJ9"
,
              "signature": "
vsMjgztTeC9TK11ZSa8at7hlQbD51g0ImBypkGqwEvWOO6J7NSaR7kPtgukzIS75
Bii8coRZjSFBlieMWUj6pWp5Ge70wx7S8BBvqFol5YRqmqxnek9gPmxRWrPnPX8_
nBytoATRY-sztfA1teN4fkKAp5yJxV9tLqYDuZlmw6jPZ_OpRKWQ16IOpHPdut_q
8IAdAuaerVXpk4DN5sqSRUMdNdW27DXwk3Y8crdj2UNpbQIhpBCgZMA7Fn6elmDN
rPHpDgRjQf-qAqpIIU_AGmylUk4M8I1eeuvf_-U0jxDG0FDM_WBJ58RUL0yFP-oM
NH6SyZFFszHl--u1SHO3kA"
}]}}]}}

Figure 19

3.3.4. Administrator updates and publishes the personal profile.

The device profile is added to the Personal profile which is then signed by the online signing key. The administration client publishes the updated profile to the Mesh through the portal: 

{
  "ConnectPendingRequest": {
    "AccountID": "test@prismproof.org"}}

Figure 20

As usual, the service returns the response code: 

{
  "ConnectPendingResponse": {
    "Pending": [{
        "Identifier": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
        "SignedData": {
          "unprotected": {
            "dig": "S512"},
          "payload": "
ewogICJDb25uZWN0aW9uUmVxdWVzdCI6IHsKICAgICJQYXJlbnRVREYiOiAiTUMy
VDctSk5DSTUtWU1BVzQtM1hIWU0tU0JHSk4tVU1GNEMiLAogICAgIkRldmljZSI6
...
fX0sCiAgICAiRGV2aWNlRGF0YSI6IFtdfX0"
,
          "signatures": [{
              "header": {
                "kid": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ"},
              "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiCmZ1T0h4N3BWM19lU2Q4UXh5
bUgyQWFoWDR0a3VFM0ZjSHNzeE1LdVFDTDd3THFYeXgtZi1TZmloa1dRS3RVckYK
VGRtcWZUTHRrMFAxS2tQZmZDbElnQSJ9"
,
              "signature": "
vsMjgztTeC9TK11ZSa8at7hlQbD51g0ImBypkGqwEvWOO6J7NSaR7kPtgukzIS75
Bii8coRZjSFBlieMWUj6pWp5Ge70wx7S8BBvqFol5YRqmqxnek9gPmxRWrPnPX8_
nBytoATRY-sztfA1teN4fkKAp5yJxV9tLqYDuZlmw6jPZ_OpRKWQ16IOpHPdut_q
8IAdAuaerVXpk4DN5sqSRUMdNdW27DXwk3Y8crdj2UNpbQIhpBCgZMA7Fn6elmDN
rPHpDgRjQf-qAqpIIU_AGmylUk4M8I1eeuvf_-U0jxDG0FDM_WBJ58RUL0yFP-oM
NH6SyZFFszHl--u1SHO3kA"
}]}}]}}

Figure 21

3.3.5. Administrator posts completion request.

Having accepted the device and connected it to the profile, the administration client creates and signs a connection completion result which is posted to the portal using ConnectCompleteRequest: 

{
  "ConnectCompleteRequest": {
    "Result": {
      "Identifier": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
      "SignedData": {
        "unprotected": {
          "dig": "S512"},
        "payload": "
ewogICJDb25uZWN0aW9uUmVzdWx0IjogewogICAgIkRldmljZSI6IHsKICAgICAg
IklkZW50aWZpZXIiOiAiTURWSUstRzRQUUItU1RHTVYtMllQNEYtUlNHNDQtUlVS
...
Cm9HYzJwWlhfbHFibHZxemhhSzBMNFEifV19fX19fQ"
,
        "signatures": [{
            "header": {
              "kid": "MA7XV-ZOTDR-TXEDM-O2QP7-F7JTG-FGFFE"},
            "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiClRtQzNKakpZLS1oQjdRT0Fp
bFg0WGtlQ3ZoVG02MEkwM3F0OVlKdkEwVUVRb0Y3X2M0ems2UnZoSWZGVm02NDIK
bmM5b1k2Y3FIV0ZLdnBwZlJobm9qZyJ9"
,
            "signature": "
DMNIqoQOKRFCaJTjHcR72StoWTqsaL3Kx1tL3P0QjPsI1sfo6DQPTQu6RP5ZNksm
UF60KHGheopm-RvlxZjZ5qfMwWdCmmiCzAj-yrQoLcTEkq523mzDqZNc03IME6jn
MDE2_oGkoa5FyXeQAtPEsbB8n4Ib2FE7nkcehGufiP5RiKi0dxDJaMJaEiSfkIvf
XjUfypzW6nk_ALwi898icIXBxNatlUwgiikrchdu3PcG1c-dKndQqsd2Z74_vjKq
hUeyTiZT33CMEMt74Gi8dX4C78W2QxApUdGsv6EzWZmL9Jjr_p2neerfZfuTik8C
Xp1aigh1A0uyY30RbEwSQw"
}]}},
    "AccountID": "test@prismproof.org"}}

Figure 22

Again, the service returns the response code: 

{
  "ConnectCompleteResponse": {}}

Figure 23

3.3.6. Connecting device polls for status update.

As stated previously, the connecting device polls the portal periodically to determine the status of the pending request using ConnectStatusRequest: 

{
  "ConnectStatusRequest": {
    "AccountID": "test@prismproof.org",
    "DeviceID": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ"}}

Figure 24

If the response is that the connection status has not changed, the service MAY return a response that specifies a minimum retry interval. In this case however there is a connection result: 

{
  "ConnectStatusResponse": {
    "Result": {
      "Identifier": "MDVIK-G4PQB-STGMV-2YP4F-RSG44-RURCQ",
      "SignedData": {
        "unprotected": {
          "dig": "S512"},
        "payload": "
ewogICJDb25uZWN0aW9uUmVzdWx0IjogewogICAgIkRldmljZSI6IHsKICAgICAg
IklkZW50aWZpZXIiOiAiTURWSUstRzRQUUItU1RHTVYtMllQNEYtUlNHNDQtUlVS
...
Cm9HYzJwWlhfbHFibHZxemhhSzBMNFEifV19fX19fQ"
,
        "signatures": [{
            "header": {
              "kid": "MA7XV-ZOTDR-TXEDM-O2QP7-F7JTG-FGFFE"},
            "protected": "
ewogICJhbGciOiAiUlM1MTIiLAogICJ2YWwiOiAiClRtQzNKakpZLS1oQjdRT0Fp
bFg0WGtlQ3ZoVG02MEkwM3F0OVlKdkEwVUVRb0Y3X2M0ems2UnZoSWZGVm02NDIK
bmM5b1k2Y3FIV0ZLdnBwZlJobm9qZyJ9"
,
            "signature": "
DMNIqoQOKRFCaJTjHcR72StoWTqsaL3Kx1tL3P0QjPsI1sfo6DQPTQu6RP5ZNksm
UF60KHGheopm-RvlxZjZ5qfMwWdCmmiCzAj-yrQoLcTEkq523mzDqZNc03IME6jn
MDE2_oGkoa5FyXeQAtPEsbB8n4Ib2FE7nkcehGufiP5RiKi0dxDJaMJaEiSfkIvf
XjUfypzW6nk_ALwi898icIXBxNatlUwgiikrchdu3PcG1c-dKndQqsd2Z74_vjKq
hUeyTiZT33CMEMt74Gi8dX4C78W2QxApUdGsv6EzWZmL9Jjr_p2neerfZfuTik8C
Xp1aigh1A0uyY30RbEwSQw"
}]}}}}

Figure 25

[Should probably unpack further.]

3.4. Adding an application profile to a user profile

Application profiles are published separately from the personal profile to which they are linked. This allows a device to be given administration capability for a particular application without granting administration capability for the profile itself and the ability to connect additional profiles and devices.

Another advantage of this separation is that an application profile might be managed by a separate party. In an enterprise, the application profile for a user's corporate email account could be managed by the corporate IT department.

A user MAY have multiple application profiles for the same application. If a user has three email accounts, they would have three email application profiles, one for each account.

In this example, the user has requested a PaswordProfile to be created. When populated, this records the usernames and passwords for the various Web sites that the user has created accounts at and has requested the Web browser store in the Mesh.

Unlike a traditional password management service, the data stored the Password Profile is encrypted end to end and can only be decrypted by the devices that hold a decryption key. 

{Example.PasswordProfile1}

Figure 26

The application profile is published to the Mesh in the same way as any other profile update, via a a Publish transaction:

% Point = Example.Traces.Get (Example.LabelApplicationWeb1); {Point.Messages[0].String()}

The service returns a status response.

{Point.Messages[1].String()}

Note that the degree of verification to be performed by the service when an application profile is published is an open question.

Having created the application profile, the administration client adds it to the personal profile and publishes it:

{Point.Messages[0].String()}

Note that if the publication was to happen in the reverse order, with the personal profile being published before the application profile, the personal profile might be rejected by the portal for inconsistency as it links to a non existent application profile. Though the value of such a check is debatable. It might well be preferable to not make such checks as it permits an application profile to have a degree of anonymity.

{Point.Messages[1].String()}

3.5. Creating a recovery profile

The Mesh invites users to put all their data eggs in one cryptographic basket. If the private keys in their master profile are lost, they could lose all their digital assets.

The debate over the desirability of key escrow is a complex one. Not least because voluntary key escrow by the user to protect the user's digital assets is frequently conflated with mechanisms to support 'Lawful Access' through government managed backdoors.

Accidents happen and so do disasters. For most users and most applications, data loss is a much more important concern than data disclosure. The option of using a robust key recovery mechanism is therefore essential for use of strong cryptography is to become ubiquitous.

There are of course circumstances in which some users may prefer to risk losing some of their data rather than risk disclosure. Since any key recovery infrastructure necessarily introduces the risk of coercion, the choice of whether to use key recovery or not is left to the user to decide.

The Mesh permits users to escrow their private keys in the Mesh itself in an OfflineEscrowEntry. Such entries are encrypted using the strongest degree of encryption available under a symmetric key. The symmetric key is then in turn split using Shamir secret sharing using an n of m threshold scheme.

The OfflineEscrowEntry identifier is a UDF fingerprint of the symmetric key used to encrypt the data. This guarantees that a party that has the decryption key has the ability to locate the corresponding Escrow entry.

The OfflineEscrowEntry is published using the usual Publish transaction:

{Point.Messages[0].String()}

The response indicates success or failure:

{Point.Messages[1].String()}

3.6. Recovering a profile

To recover a profile, the user MUST supply the necessary number of secret shares. These are then used to calculate the UDF fingerprint to use as the locator in a Get transaction:

{Point.Messages[0].String()}

If the transaction succeeds, GetResponse is returned with the requested data.

{Point.Messages[1].String()}

The client can now decrypt the OfflineEscrowEntry to recover the private key(s).

4. Shared Classes

The following classes are used as common elements in Mesh profile specifications.a

4.1. Cryptographic Data Classes

Most Mesh objects are signed and/or encrypted. For consistency all Mesh classes make use of the cryptographic data classes described in this section.

4.1.1. Structure: PublicKey

The PublicKey class is used to describe public key pairs and trust assertions associated with a public key.

UDF: String (Optional)
UDF fingerprint of the public key parameters/
X509Certificate: Binary (Optional)
List of X.509 Certificates
X509Chain: Binary [0..Many]
X.509 Certificate chain.
X509CSR: Binary (Optional)
X.509 Certificate Signing Request.

4.1.2. Structure: SignedData

Container for JOSE signed data and related attributes.

Data: Binary (Optional)
The signed data

4.1.3. Structure: EncryptedData

Container for JOSE encrypted data and related attributes.

Data: Binary (Optional)
The encrypted data

4.2. Common Application Classes

4.2.1. Structure: Connection

Describes network connection parameters for an application

ServiceName: String (Optional)
DNS address of the server
Port: Integer (Optional)
TCP/UDP Port number
Prefix: String (Optional)
DNS service prefix as described in [!RFC6335]
Security: String [0..Many]
Describes the security mode to use. Valid choices are Direct/Upgrade/None
UserName: String (Optional)
Username to present to the service for authentication
Password: String (Optional)
Password to present to the service for authentication
URI: String (Optional)
Service connection parameters in URI format
Authentication: String (Optional)
List of the supported/acceptable authentication mechanisms, preferred mechanism first.
TimeOut: Integer (Optional)
Service timeout in seconds.
Polling: Boolean (Optional)
If set, the client should poll the specified service intermittently for updates.

5. Mesh Profile Objects

5.1. Base Profile Objects

5.1.1. Structure: Entry

Base class for all Mesh Profile objects.

Identifier: String (Optional)
Globally unique identifier that remains constant for the lifetime of the entry.

5.1.2. Structure: SignedProfile

Inherits: Entry

Contains a signed profile entry

SignedData: JoseWebSignature (Optional)
The signed profile.
Note that each child of SignedProfile requires that the Payload field of the SignedData object contain an object of a specific type. For example, a SignedDeviceProfile object MUST contain a Payload field that contains a DeviceProfile object.
Unauthenticated: Advice (Optional)
Additional data that is not authenticated.

5.1.3. Structure: Advice

Additional data bound to a signed profile that is not authenticated.

Default: DateTime (Optional)
If specified, the profile was the default profile at the specified date and time. The current default for that type of profile is the profile with the most recent Default timestamp.

5.1.4. Structure: PortalAdvice

Inherits: Advice
Inherits: Advice
PortalAddress: String [0..Many]
A portal address at which this profile is registered.

5.1.5. Structure: Profile

Inherits: Entry

Parent class from which all profile types are derived

Names: String [0..Many]
Fingerprints of index terms for profile retrieval. The use of the fingerprint of the name rather than the name itself is a precaution against enumeration attacks and other forms of abuse.
Updated: DateTime (Optional)
The time instant the profile was last modified.
NotaryToken: String (Optional)
A Uniform Notary Token providing evidence that a signature was performed after the notary token was created.

5.2. Device Profile Classes

5.2.1. Structure: SignedDeviceProfile

Inherits: SignedProfile

Contains a signed device profile

[No fields]

5.2.2. Structure: DeviceProfile

Inherits: Profile

Describes a mesh device.

Description: String (Optional)
Description of the device
DeviceSignatureKey: PublicKey (Optional)
Key used to sign certificates for the DAK and DEK. The fingerprint of the DSK is the UniqueID of the Device Profile
DeviceAuthenticationKey: PublicKey (Optional)
Key used to authenticate requests made by the device.
DeviceEncryptiontionKey: PublicKey (Optional)
Key used to pass encrypted data to the device such as a DeviceUseEntry

5.2.3. Structure: DevicePrivateProfile

Private portion of device encryption profile.

DeviceSignatureKey: Key (Optional)
Private portion of the DeviceSignatureKey
DeviceAuthenticationKey: Key (Optional)
Private portion of the DeviceAuthenticationKey
DeviceEncryptiontionKey: Key (Optional)
Private portion of the DeviceEncryptiontionKey

5.3. Master Profile Objects

5.3.1. Structure: SignedMasterProfile

Inherits: SignedProfile

Contains a signed Personal master profile

[No fields]

5.3.2. Structure: MasterProfile

Inherits: Profile

Describes the long term parameters associated with a personal profile.

MasterSignatureKey: PublicKey (Optional)
The root of trust for the Personal PKI, the public key of the PMSK is presented as a self-signed X.509v3 certificate with Certificate Signing use enabled. The PMSK is used to sign certificates for the PMEK, POSK and PKEK keys.
MasterEscrowKeys: PublicKey [0..Many]
A Personal Profile MAY contain one or more PMEK keys to enable escrow of private keys used for stored data.
OnlineSignatureKeys: PublicKey [0..Many]
A Personal profile contains at least one POSK which is used to sign device administration application profiles.

5.4. Personal Profile Objects

5.4.1. Structure: SignedPersonalProfile

Inherits: SignedProfile

Contains a signed Personal current profile

[No fields]

5.4.2. Structure: PersonalProfile

Inherits: Profile

Describes the current applications and devices connected to a personal master profile.

SignedMasterProfile: SignedMasterProfile (Optional)
The corresponding master profile. The profile MUST be signed by the PMSK.
Devices: SignedDeviceProfile [0..Many]
The set of device profiles connected to the profile. The profile MUST be signed by the DSK in the profile.
Applications: ApplicationProfileEntry [0..Many]
Application profiles connected to this profile.

5.4.3. Structure: ApplicationProfileEntry

Personal profile entry describing the privileges of specific devices.

Identifier: String (Optional)
The unique identifier of the application
Type: String (Optional)
The application type
Friendly: String (Optional)
Optional friendly name identifying the application.
AdminDeviceUDF: String [0..Many]
List of devices authorized to sign application profiles
DecryptDeviceUDF: String [0..Many]
List of devices authorized to read private parts of application profiles.

5.5. Application Profile Objects

5.5.1. Structure: SignedApplicationProfile

Inherits: SignedProfile

Contains a signed device profile

[No fields]

5.5.2. Structure: ApplicationProfile

Inherits: Profile

Parent class from which all application profiles inherit.

[No fields]

5.5.3. Structure: ApplicationProfilePrivate

Inherits: Entry

The base class for all private profiles.

[No fields]

5.5.4. Structure: ApplicationDevicePublic

Inherits: Entry

Describes the public per device data

DeviceDescription: String (Optional)
Description of the device for convenience of the user.
DeviceUDF: String (Optional)
Fingerprint of device that this key corresponds to.

5.5.5. Structure: ApplicationDevicePrivate

Inherits: Entry

Describes the private per device data

[No fields]

5.6. Key Escrow Objects

5.6.1. Structure: EscrowEntry

Inherits: Entry

Contains escrowed data

EncryptedData: JoseWebEncryption (Optional)
The encrypted escrow data

5.6.2. Structure: OfflineEscrowEntry

Inherits: EscrowEntry

Contains data escrowed using the offline escrow mechanism.

[No fields]

5.6.3. Structure: OnlineEscrowEntry

Inherits: EscrowEntry

Contains data escrowed using the online escrow mechanism.

[No fields]

5.6.4. Structure: EscrowedKeySet

A set of escrowed keys.

[No fields]

6. Portal Connection

6.1. Connection Request and Response Structures

6.1.1. Structure: ConnectionRequest

Describes a connection request.

ParentUDF: String (Optional)
UDF of Mesh Profile to which connection is requested.
Device: SignedDeviceProfile (Optional)
The Device profile to be connected

6.1.2. Structure: SignedConnectionRequest

Inherits: SignedProfile

Contains a ConnectionRequest signed by the corresponding device signature key.

[No fields]

6.1.3. Structure: ConnectionResult

Describes the result of a connection request.

Inherits: ConnectionRequest
Inherits: ConnectionRequest
Result: String (Optional)
The result of the connection request. Valid responses are: Accepted, Refused, Query.

6.1.4. Structure: SignedConnectionResult

Inherits: SignedProfile

Contains a signed connection result

[No fields]

7. Mesh Portal Service Reference

SRV Prefix: _mmm._tcp
SRV Prefix: _mmm._tcp
HTTP Well Known Service Prefix: /.well-known/mmm

Every Mesh Portal Service transaction consists of exactly one request followed by exactly one response. Mesh Service transactions MAY cause modification of the data stored in the Mesh Portal or the Mesh itself but do not cause changes to the connection state. The protocol itself is thus idempotent. There is no set sequence in which operations are required to be performed. It is not necessary to perform a Hello transaction prior to a ValidateAccount, Publish or any other transaction.

7.1. Request Messages

A Mesh Portal Service request consists of a payload object that inherits from the MeshRequest class. When using the HTTP binding, the request MUST specify the portal DNS address in the HTTP Host field.

7.1.1. Message: MeshRequest

Base class for all request messages.

Portal: String (Optional)
Name of the Mesh Portal Service to which the request is directed.

7.2. Response Messages

A Mesh Portal Service response consists of a payload object that inherits from the MeshResponse class. When using the HTTP binding, the response SHOULD report the Status response code in the HTTP response message. However the response code returned in the payload object MUST always be considered authoritative.

7.2.1. Message: MeshResponse

Base class for all response messages. Contains only the status code and status description fields.

[No fields]

7.3. Imported Objects

The Mesh Service protocol makes use of JSON objects defined in the JOSE Signatgure and Encryption specifications.

7.4. Common Structures

The following common structures are used in the protocol messages:

7.4.1. Structure: KeyValue

Describes a Key/Value structure used to make queries for records matching one or more selection criteria.

Key: String (Optional)
The data retrieval key.
Value: String (Optional)
The data value to match.

7.4.2. Structure: SearchConstraints

Specifies constraints to be applied to a search result. These allow a client to limit the number of records returned, the quantity of data returned, the earliest and latest data returned, etc.

NotBefore: DateTime (Optional)
Only data published on or after the specified time instant is requested.
Before: DateTime (Optional)
Only data published before the specified time instant is requested. This excludes data published at the specified time instant.
MaxEntries: Integer (Optional)
Maximum number of data entries to return.
MaxBytes: Integer (Optional)
Maximum number of data bytes to return.
PageKey: String (Optional)
Specifies a page key returned in a previous search operation in which the number of responses exceeded the specified bounds.
When a page key is specified, all the other search parameters except for MaxEntries and MaxBytes are ignored and the service returns the next set of data responding to the earlier query.

7.5. Transaction: Hello

Request: HelloRequest
Request: HelloRequest
Response: HelloResponse

Report service and version information.

The Hello transaction provides a means of determining which protocol versions, message encodings and transport protocols are supported by the service.

7.6. Transaction: ValidateAccount

Request: ValidateRequest
Request: ValidateRequest
Response: ValidateResponse

Request validation of a proposed name for a new account.

For validation of a user's account name during profile creation.

7.6.1. Message: ValidateRequest

Inherits: MeshRequest

Describes the proposed account properties. Currently, these are limited to the account name but could be extended in future versions of the protocol.

Account: String (Optional)
Account name requested
Reserve: Boolean (Optional)
If true, request a reservation for the specified account name. Note that the service is not obliged to honor reservation requests.
Language: String [0..Many]
List of ISO language codes in order of preference. For creating explanatory text.

7.6.2. Message: ValidateResponse

Inherits: MeshResponse

States whether the proposed account properties are acceptable and (optional) returns an indication of what properties are valid.

Note that receiving a 'Valid' responseto a Validate Request does not guarantee creation of the account. In addition to the possibility that the account namecould be requested by another user between the Validate and Create transactions, a portal service MAY perform more stringent validation criteria when an account is actually being created. For example, checking with the authoritative list of current accounts rather than a cached copy.

Valid: Boolean (Optional)
If true, the specified account identifier is acceptable. If false, the account identifier is rejected.
Minimum: Integer (Optional)
Specifies the minimum length of an account name.
Maximum: Integer (Optional)
Specifies the maximum length of an account name.
InvalidCharacters: String (Optional)
A list of characters that the service does not accept in account names. The list of characters MAY not be exhaustive but SHOULD include any illegal characters in the proposed account name.
Reason: String (Optional)
Text explaining the reason an account name was rejected.

7.7. Transaction: CreateAccount

Request: CreateRequest
Request: CreateRequest
Response: CreateResponse

Request creation of a new portal account.

Unlike a profile, a mesh account is specific to a particular Mesh portal. A mesh account must be created and accepted before a profile can be published.

7.7.1. Message: CreateRequest

Request creation of a new portal account. The request specifies the requested account identifier and the Mesh profile to be associated with the account.

Inherits: MeshRequest
Inherits: MeshRequest
Account: String (Optional)
Account identifier requested.

7.7.2. Message: CreateResponse

Inherits: MeshResponse

Reports the success or failure of a Create transaction.

[No fields]

7.8. Transaction: DeleteAccount

Request: DeleteRequest
Request: DeleteRequest
Response: DeleteResponse

Request deletion of a portal account.

Deletes a portal account but not the underlying profile. Once registered, profiles are permanent.

7.8.1. Message: DeleteRequest

Request deletion of a new portal account. The request specifies the requested account identifier.

Inherits: MeshRequest
Inherits: MeshRequest
Account: String (Optional)
Account identifier to be deleted.

7.8.2. Message: DeleteResponse

Inherits: MeshResponse

Reports the success or failure of a Delete transaction.

[No fields]

7.9. Transaction: Get

Request: GetRequest
Request: GetRequest
Response: GetResponse

Search for data in the mesh that matches a set of properties described by a sequence of key/value pairs.

7.9.1. Message: GetRequest

Describes the Portal or Mesh data to be retreived.

Inherits: MeshRequest
Inherits: MeshRequest
Identifier: String (Optional)
Lookup by profile ID
Account: String (Optional)
Lookup by Account ID
KeyValues: KeyValue [0..Many]
List of KeyValue pairs specifying the conditions to be met
SearchConstraints: SearchConstraints (Optional)
Constrain the search to a specific time interval and/or limit the number and/or total size of data records returned.
Multiple: Boolean (Optional)
If true return multiple responses if available
Full: Boolean (Optional)
If true, the client requests that the full Mesh data record be returned containing both the Mesh entry itself and the Mesh metadata that allows the date and time of the publication of the Mesh entry to be verified.

7.9.2. Message: GetResponse

Reports the success or failure of a Get transaction. If a Mesh entry matching the specified profile is found, containsthe list of entries matching the request.

Inherits: MeshResponse
Inherits: MeshResponse
DataItems: DataItem [0..Many]
List of mesh data records matching the request.
PageKey: String (Optional)
If non-null, indicates that the number and/or size of the data records returned exceeds either the SearchConstraints specified in the request or internal server limits.

7.10. Transaction: Publish

Request: PublishRequest
Request: PublishRequest
Response: PublishResponse

Publish a profile or key escrow entry to the mesh.

7.10.1. Message: PublishRequest

Requests publication of the specified Mesh entry.

Inherits: MeshRequest

[No fields]

7.10.2. Message: PublishResponse

Reports the success or failure of a Publish transaction.

Inherits: MeshResponse

[No fields]

7.11. Transaction: Status

Request: StatusRequest
Request: StatusRequest
Response: StatusResponse

Request the current status of the mesh as seen by the portal to which it is directed.

The response to the status request contains the last signed checkpoint and proof chains for each of the peer portals that have been checkpointed.

[Not currently implemented]

7.11.1. Message: StatusRequest

Inherits: MeshRequest

Initiates a status transaction.

[No fields]

7.11.2. Message: StatusResponse

Reports the success or failure of a Status transaction.

Inherits: MeshResponse
Inherits: MeshResponse
LastWriteTime: DateTime (Optional)
Time that the last write update was made to the Mesh
LastCheckpointTime: DateTime (Optional)
Time that the last Mesh checkpoint was calculated.
NextCheckpointTime: DateTime (Optional)
Time at which the next Mesh checkpoint should be calculated.
CheckpointValue: String (Optional)
Last checkpoint value.

7.12. Transaction: ConnectStart

Request: ConnectStartRequest
Request: ConnectStartRequest
Response: ConnectStartResponse

Request connection of a new device to a mesh profile

7.12.1. Message: ConnectStartRequest

Inherits: MeshRequest

Initial device connection request.

SignedRequest: SignedConnectionRequest (Optional)
Device connection request signed by thesignature key of the device requesting connection.
AccountID: String (Optional)
Account identifier of account to which the device is requesting connection.

7.12.2. Message: ConnectStartResponse

Reports the success or failure of a ConnectStart transaction.

Inherits: MeshRequest

[No fields]

7.13. Transaction: ConnectStatus

Request: ConnectStatusRequest
Request: ConnectStatusRequest
Response: ConnectStatusResponse

Request status of pending connection request of a new device to a mesh profile

7.13.1. Message: ConnectStatusRequest

Inherits: MeshRequest

Request status information for a pending request posted previously.

AccountID: String (Optional)
Account identifier for which pending connection information is requested.
DeviceID: String (Optional)
Device identifier of device requesting status information.

7.13.2. Message: ConnectStatusResponse

Reports the success or failure of a ConnectStatus transaction.

Inherits: MeshRequest
Inherits: MeshRequest
Result: SignedConnectionResult (Optional)
The signed ConnectionResult object.

7.14. Transaction: ConnectPending

Request: ConnectPendingRequest
Request: ConnectPendingRequest
Response: ConnectPendingResponse

Request a list of pending requests for an administration profile.

7.14.1. Message: ConnectPendingRequest

Inherits: MeshRequest

Specify the criteria for pending requests.

AccountID: String (Optional)
The account identifier of the account for which pending connection requests are requested.
SearchConstraints: SearchConstraints (Optional)
Constrain the search to a specific time interval and/or limit the number and/or total size of data records returned.

7.14.2. Message: ConnectPendingResponse

Reports the success or failure of a ConnectPending transaction.

Inherits: MeshRequest
Inherits: MeshRequest
Pending: SignedConnectionRequest [0..Many]
A list of pending requests satisfying the criteria set out in the request.
PageKey: String (Optional)
If non-null, indicates that the number and/or size of the data records returned exceeds either the SearchConstraints specified in the request or internal server limits.

7.15. Transaction: ConnectComplete

Request: ConnectCompleteRequest
Request: ConnectCompleteRequest
Response: ConnectCompleteResponse

Post response to a pending connection request.

7.15.1. Message: ConnectCompleteRequest

Reports the success or failure of a ConnectComplete transaction.

Inherits: MeshRequest
Inherits: MeshRequest
Result: SignedConnectionResult (Optional)
The connection result to be posted to the portal. The result MUST be signed by a valid administration key for the Mesh profile.
AccountID: String (Optional)
The account identifier to which the connection result is posted.

7.15.2. Message: ConnectCompleteResponse

Inherits: MeshRequest

Reports the success or failure of a ConnectComplete transaction.

[No fields]

7.16. Transaction: Transfer

Request: TransferRequest
Request: TransferRequest
Response: TransferResponse

Perform a bulk transfer of the log between the specified transaction identifiers. Requires appropriate authorization

[Not currently implemented]

7.16.1. Message: TransferRequest

Request a bulk transfer of the log between the specified transaction identifiers. Requires appropriate authorization

Inherits: MeshRequest
Inherits: MeshRequest
SearchConstraints: SearchConstraints (Optional)
Constrain the search to a specific time interval and/or limit the number and/or total size of data records returned.

7.16.2. Message: TransferResponse

Inherits: MeshResponse

Reports the success or failure of a Transfer transaction. If successful, contains the list of Mesh records to be transferred.

DataItems: DataItem [0..Many]
List of mesh data records matching the request.
PageKey: String (Optional)
If non-null, indicates that the number and/or size of the data records returned exceeds either the SearchConstraints specified in the request or internal server limits.

8. Security Considerations

9. IANA Considerations

All the IANA considerations for the Mesh documents are specified in this document

10. Acknowledgements

11. References

11.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.
[RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M. and S. Cheshire, "Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry", BCP 165, RFC 6335, DOI 10.17487/RFC6335, August 2011.

11.2. Informative References

[draft-hallambaker-mesh-architecture] Hallam-Baker, P., "Mathematical Mesh: Architecture", Internet-Draft draft-hallambaker-mesh-architecture-03, May 2017.
[draft-hallambaker-mesh-developer] Hallam-Baker, P., "Mathematical Mesh: Reference Implementation", Internet-Draft draft-hallambaker-mesh-developer-04, September 2017.
[RFC822] Crocker, D., "STANDARD FOR THE FORMAT OF ARPA INTERNET TEXT MESSAGES", STD 11, RFC 822, DOI 10.17487/RFC0822, August 1982.

Author's Address

Phillip Hallam-Baker Comodo Group Inc. EMail: philliph@comodo.com