From 6ec09d3909d61345e2219fb7ff2dc7314d70909c Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 16 Jul 2019 11:31:34 +0100 Subject: [PATCH] Scan for signing key duplicates --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4b9e7f795..51c34a3ad 100644 --- a/README.md +++ b/README.md @@ -211,7 +211,7 @@ The only scenarios in which Eve might triumph would be if she could also do DNS Even if Eve has an account on Alice's instance this won't help her very much unless she can get write access to the database. -Another scenario is that you grant capabilities to an account on a hostile instance. The hostile instance then shares the resulting token with all other accounts on it. Potentially those other accounts might be able to gain capabilities which they havn't been granted *but only if they also have identical signing keys*. Checking for public key duplication on the instance granting capabilities could mitigate this. At the point at which a capabilities request is made are there any other known accounts with the same public key? +Another scenario is that you grant capabilities to an account on a hostile instance. The hostile instance then shares the resulting token with all other accounts on it. Potentially those other accounts might be able to gain capabilities which they havn't been granted *but only if they also have identical signing keys*. Checking for public key duplication on the instance granting capabilities could mitigate this. At the point at which a capabilities request is made are there any other known accounts with the same public key? Since actors are public it would also be possible to automatically scan for the existence of instances with duplicated signing keys. ## Install