4.2 Establishing a Connection Using Password Authentication
Node 2 requests to connect to a Group created by Node 1. Node 1 is already listening for incoming connections. Node 2 does not have a GMC.
Figure 4: Establishing a connection using password authentication
To establish the connection, the following steps occur:
Node 2 (the Requestor) queries PNRP for a Group Node. For example, if the Group Peer Name is "abc123", Node 2 queries for "abc123.participant".
PNRP responds with the address and port of Node 1 (the Authenticator).
Node 2 establishes a P2P Graphing connection to Node 1. Because P2P Graphing has been configured to use P2P Grouping as the Graph Security Provider, P2P Grouping is asked to authenticate the connection.
Node 2 and Node 1 establish a secure connection using TLS.
Node 2 sends a message containing the Hello message and an empty Password message.
Node 1 validates that the Group is configured to allow password authentication, and responds with a message containing the Hello message and the MyGMC message.
Node 2 validates that the GMC received in the MyGMC message is for the Group to which it is intending to connect.
Node 2 generates a Password message containing the proof of password.
Node 1 validates that the Password message contains the correct data, thus ensuring that Node 2 knew the correct password.
Node 1 generates a GMC chain for Node 2.
Node 1 responds with a YourGMC message, containing the GMC it created in step 10.
The connection is now authenticated, and the P2P Graphing protocol begins using the connection.