This repository was archived by the owner on Aug 15, 2025. It is now read-only.
File tree Expand file tree Collapse file tree 1 file changed +7
-4
lines changed
docs/Protocol Specifications Expand file tree Collapse file tree 1 file changed +7
-4
lines changed Original file line number Diff line number Diff line change @@ -858,15 +858,17 @@ participant sb as Server B
858858participant sa as Server A
859859
860860b->>b: Verify signature of Alice's message, attempt 1
861- alt Verification fails
861+ alt Verification fails or ID-Cert is out of date
862862 b->>sb: Request Alice's ID-Cert
863863 sb->>b: Alice's ID-Cert
864+ b->>b: Check that the received ID-Cert is up-to-date, as defined in section 6.4.1
864865 b->>b: Verify signature of Alice's message, attempt 2
865- opt Verification fails again
866+ opt Verification fails again or ID-Cert is out of date
866867 b->>sa: Request Alice's ID-Cert
867868 sa->>b: Alice's ID-Cert
869+ b->>b: Check that the received ID-Cert is up-to-date, as defined in section 6.4.1
868870 b->>b: Verify signature of Alice's message, final attempt
869- opt Verification is still unsuccessful
871+ opt Verification is still unsuccessful or ID-Cert is still out of date
870872 b-->b: Treat Alice's message with extreme caution.
871873 end
872874 end
876878```
877879
878880* Fig. 4: Sequence diagram showing how message verification should be handled if the first attempt
879- to verify the signature fails.*
881+ to verify the signature fails, continuing the example of a conversation happening on a server
882+ "B" between Bob from a random server and Alice from server A*
880883
881884After evicting a cached ID-Cert:
882885
You can’t perform that action at this time.
0 commit comments