-
Notifications
You must be signed in to change notification settings - Fork 78
Versioning
By design MSL messages are not explicitly versioned. Successful communication between entities depends upon foreknowledge that each entity can successfully authenticate, verify the integrity of, and decrypt the ciphertext of any messages generated by the other entity.
The ciphertext and signature envelopes are individually and independently versioned. Entity authentication, user authentication, and key exchange schemes are not versioned but should instead be replaced if discovered to be insecure. A receiving entity must only accept envelope versions and schemes that it considers secure.
An entity will communicate its support for specific features and cryptographic algorithms by including those in messages it creates.
If a flaw is discovered that would lead to the compromise of cryptographic keys, new keys must be used after the flaw is fixed. If a flaw is discovered in the messaging protocol or encoding, updated entities must reject messages that exhibit the flaw. An appropriate error response may be returned, along with optional localized text informing the user that a software upgrade is required.
A Netflix Original Production
Tech Blog | Twitter @NetflixOSS | Jobs
- Introduction
- Encoding & Normalization
- Cryptography
- Versioning
- MSL Networks
- Entity Authentication
- User Authentication
- Key Exchange
- Service Tokens
- Messages
- Error Messages
- Application Security Requirements
- Protocol Implementation
- Configuration Guide