<div dir="ltr">Hello Carlos,<div><br></div><div>Sounds cool! I think you will need to save every state newer than the "throwaway number," because the other side is allowed to reference that state (or any newer state that you have acked) in building a new diff.</div><div><br></div><div>My main fear with these saved states is that a user would somehow be able to try "resuming" the same session twice, from the same save file. That will result in the same sequence number being reused, which would be cryptographically catastrophic. So any implementation that allows "resuming" from a saved state must ensure that the saved state is destroyed as part of the resumption.</div><div><br></div><div>-Keith</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 9, 2016 at 3:14 PM, Carlos Cabanero <span dir="ltr"><<a href="mailto:carlosecabanero@gmail.com" target="_blank">carlosecabanero@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69)">I have started to work on “Persistent Connections” for Blink with great success! For background, these are the related GH issues (<a href="https://github.com/mobile-shell/mosh/issues/394" target="_blank">https://github.com/mobile-<wbr>shell/mosh/issues/394</a>) and (<a href="https://github.com/blinksh/blink/issues/59" target="_blank"><span style="color:rgb(228,175,9)">https://github.com/blinksh/<wbr>blink/issues/59</span></a>).</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69);min-height:14px"><br></p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69)">I hacked together - as in I have hardcoded most of the stuff - a simple version that is able to save a session to disk and reconstruct it given the previous key. Turns out it was all a lot easier than I thought, without requiring hardcore object serialisation. States (timestamp, sequence nonce and content) can be dropped to disk as if they were going to be sent over the network, and reconstructing the states to the initial Terminal::Complete and Network::UserStream objects is straightforward with the diff functions. </p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69);min-height:14px"><br></p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69)">There is the question of how many states should be saved, from reading the code I guess the answer is all of them, from my test only the latest acked one was enough - but again, crappy test.</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69);min-height:14px"><br></p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69)">Another obvious security concern as the states contain information from the terminal in a completely readable format. Could that be encrypted again with the key before saving? In the case of iOS I can save the secure key to the keychain. But I think that on top of that, saving the session with a Passphrase might be a good idea.</p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69);min-height:14px"><br></p>
<p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69)">I understand that this might only be useful in Blink, but any guidance would be appreciated. In the same manner, if you change your opinion, I'm more than happy to walk the extra mile and make it work for everyone.</p><p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69)"><br></p><p style="margin:0px;font-size:12px;line-height:normal;font-family:helvetica;color:rgb(69,69,69)">Thanks a lot!!</p></div>
<br>______________________________<wbr>_________________<br>
mosh-devel mailing list<br>
<a href="mailto:mosh-devel@mit.edu">mosh-devel@mit.edu</a><br>
<a href="http://mailman.mit.edu/mailman/listinfo/mosh-devel" rel="noreferrer" target="_blank">http://mailman.mit.edu/<wbr>mailman/listinfo/mosh-devel</a><br>
<br></blockquote></div><br></div>