View Issue Details

Related ChangesetsJump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0003484Talerexchangepublic2014-07-04 21:262021-09-02 18:14
ReporterFlorian Dold Assigned ToChristian Grothoff  
PrioritylowSeverityfeatureReproducibilityhave not tried
Status closedResolutionfixed 
Product Versiongit (master) 
Target Version0.0Fixed in Version0.0 
Summary0003484: The mint should sign over the list of keys given.
Description... so customers can prove they got different sets of keys at the same time.
TagsNo tags attached.

Activities

Christian Grothoff

2015-01-29 00:58

manager   ~0008822

Overall we need to look at /keys and who signs it, we probably want to have an explicit place in there for both the mint's master key to sign it as well as the auditor (!).

Christian Grothoff

2015-03-24 17:41

manager   ~0009050

Signing keys and denomination keys are all individually signed with the offline master key already. However, what is not signed, is the full set of keys returned by /keys. Signing this full set is what I think Florian talked about, as returning different subsets to different customers might otherwise be a trick used by the mint to deanonymize users.

Christian Grothoff

2015-03-24 17:51

manager   ~0009051

Signing over entire response implemented in d5acf53..324bf3f

Christian Grothoff

2021-09-02 18:14

manager   ~0018333

Fix committed to master branch.

Related Changesets

exchange: master 324bf3f9

2015-03-24 18:53

Christian Grothoff


Details Diff		 fix 0003484: sign over full key set as well Affected Issues
0003484
mod - src/include/taler_signatures.h Diff File
mod - src/mint/taler-mint-httpd_keystate.c Diff File

Issue History

Date Modified Username Field Change
2014-07-04 21:26 Florian Dold New Issue
2015-01-29 00:58 Christian Grothoff Note Added: 0008822
2015-01-29 21:12 Christian Grothoff Severity minor => feature
2015-01-29 21:12 Christian Grothoff Status new => confirmed
2015-01-29 21:12 Christian Grothoff Product Version => git (master)
2015-01-29 21:12 Christian Grothoff Target Version => 0.0
2015-03-22 17:18 Christian Grothoff Priority normal => low
2015-03-24 17:31 Christian Grothoff Assigned To => Christian Grothoff
2015-03-24 17:31 Christian Grothoff Status confirmed => assigned
2015-03-24 17:41 Christian Grothoff Note Added: 0009050
2015-03-24 17:51 Christian Grothoff Note Added: 0009051
2015-03-24 17:51 Christian Grothoff Status assigned => resolved
2015-03-24 17:51 Christian Grothoff Fixed in Version => 0.0
2015-03-24 17:51 Christian Grothoff Resolution open => fixed
2015-03-24 17:57 Christian Grothoff Status resolved => closed
2016-02-18 15:43 Christian Grothoff Category mint => exchange
2021-09-02 18:14 Christian Grothoff Changeset attached => Taler-exchange master 324bf3f9
2021-09-02 18:14 Christian Grothoff Note Added: 0018333