From c03ad56d554a929a59a48dd28667ccefc479bf5c Mon Sep 17 00:00:00 2001 From: ValarDragon Date: Sat, 28 Jul 2018 04:23:22 -0700 Subject: [PATCH] (squash this) Note that this breaks existing keys. --- docs/architecture/adr-015-symmetric-crypto.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/architecture/adr-015-symmetric-crypto.md b/docs/architecture/adr-015-symmetric-crypto.md index 166d99c0..fbaee7a1 100644 --- a/docs/architecture/adr-015-symmetric-crypto.md +++ b/docs/architecture/adr-015-symmetric-crypto.md @@ -65,6 +65,13 @@ Then we call the AEAD's decrypt method on the provided nonce/ciphertext. `RegisterSymmetric` allows a downstream user to add their own desired AEAD to the symmetric package. +## Implementation strategy + +The golang implementation of what is proposed is rather straight forward. +The concern is that we will break existing private keys if we just switch to this. +If this is concerning, we can make a simple script which doesn't require decoding privkeys, +for converting from the old format to the new one. + ## Status Proposed. @@ -76,6 +83,8 @@ Proposed. * Allows downstream users to add their own AEAD ### Negative +* We will have to break all private keys stored on disk. +They can be recovered using seed words, and upgrade scripts are simple. ### Neutral * Caller has to instantiate the AEAD with the private key.