On Thu, May 10, 2018 at 12:20:05AM +0700, Suphanat Chunhapanya wrote:
On 05/09/2018 03:50 PM, George Kadianakis wrote:
b) We might also want to look into XEdDSA and see if we can potentially use the same keypair for both intro auth (ed25519) and desc auth
(x25519).
This will be a great advantage if we can do that because putting two private keys in the HidServAuth is so frustrating.
The private key for intro auth is used to make a signature (that will be different per client), while the private key for desc auth is used to decrypt the descriptor (which will be the same for all clients), no?
(Not to mention that you should never use the same key for decryption and signing.)
- Ian