Making Ports reusable
Preliminary reading
Before learning about how we make Ports reusable, you must first be familiar with the Port protocol and the goals that it accomplishes
A case for reusable Ports
Why would we make Ports reusable? Sometimes you want to connect with people en-masse without going through the effort of sharing something with each of them individually. For example, you may want to post an ad on an online marketplace and have people reach out to you until you're done selling the item.
How goals differ from single-use ports
Since the use-cases for reusable ports involves publishing it somewhere for (potentially) strangers to connect with them, we modify one of the goals of the Port protocol: The initiator (person creating the Port) no longer needs to authenticate that the peer is the person they intended to connect with, but rather that the connector is someone who had access to the complete Port. On the connector's end, however, they still require the guarantee that they're connected to the owner of the Port.
Why knowing that the sharer of the Port matters
It is important for the initiator to be certain that only people who can access a re-usable Port are able to use it because:
A user may share the re-usable port over a secure channel, like a group what behind a login link and only want those members to have access to it
To prohibit the server from forcing new connections onto a user without their consent. Some information needed to accept a connection as valid still needs to be hidden from the server.
Modifications to the protocol
There's only one change to the Port protocol to make it the reusable Port protocol: The initiator, Alice, skips the cleanup process after computing a shared secret to communicate with the peer.
By skipping the cleanup process, the initiator can accept new connections with new routing ids using the same Port
Every peer that connects to the initiator will generate a new x25519 key pair and thus a unique secret. As such, there's never an occasion where a user is able to impersonate another user, even with a co-operative server and having both the authentic and impersonating user connected to the initiator with the same reusable Port
The server, without access to the entire Port, cannot force new connections onto the initiator since the server will not have access to the random authentication data that they expect to be part of the encrypted introductory message.
Disabling a Port
If a user wants to terminate usage of a reusable Port, all they need to do is perform the cleanup process and "forget" the link and associated data. This way, they will reject any new incoming connections from an inactive reusable Port. Connections formed using a reusable port will remain even if the Port is invalidated. This is a feature, not a bug. Port implements closing a formed connection separately.
