Expand description
Security state is a signed object that attests to a user’s (or later an organization’s) security state. The security goal is to prevent downgrades of specific features within the user’s account by the server / a networked attacker with TLS introspection access.
A security state contains a security version. Based on this version, features can be disabled. Since the server cannot sign a security state, it can no longer downgrade the feature, because it cannot produce an arbitrary valid signed security state.
Note: A long-term compromised server can record the security state of a user, and then replay this specific state, or the entire account to downgrade users to previous states. This can be prevented per logged in session by the client, and for bootstrapping a client by using an extended login-with-device protocol.
To utilize the security state to disable a feature the following steps are taken:
- Assume: Feature with format version A is insecure, and cannot be changed by simple mutation
- A new, safe format version B is introduced, and an upgrade path created
- The upgrade path is made mandatory
- After upgrades are run, the sdk validates that all items are in format version B, and the security state can be updated to contain the security version N+1
- The client, given a security state with security version N+1 will reject all items that are in format version A.
Structs§
- Security
State - The security state is a signed object attesting to the security state of a user.
- Signed
Security State - A signed and serialized
SecurityStateobject.