Does this contact come back with the same public RSA key each time? Could they sign a small piece of data with the key? It probably [is/isn't] them, then.
In Synchrony[1] this forms your address (like an email address but for editing web pages / chat / RTC teleconferencing / multi-user JS/WebAssembly applications), which contacts can then put a name to in the UI by mousing over.
The address has the form network_name/node_id/user_id, where network_name is an opt-in namespace (so Synchrony can select routing tables based on their overall trustworthiness), node_id is 160 bits based on the SHA1 of "ip:port:pubkey" which peer nodes can then verify, preventing one another from assuming node IDs that correspond to popular URLs, so no one can computationally inexpensively monitor popular URLs for financial gain[2].
Note that the RSA keypair is per-instance of the software and not per user-identity - that when we ask a node if it can sign for some data it's the installation rather than the individual user identity being checked.
In Synchrony[1] this forms your address (like an email address but for editing web pages / chat / RTC teleconferencing / multi-user JS/WebAssembly applications), which contacts can then put a name to in the UI by mousing over.
The address has the form network_name/node_id/user_id, where network_name is an opt-in namespace (so Synchrony can select routing tables based on their overall trustworthiness), node_id is 160 bits based on the SHA1 of "ip:port:pubkey" which peer nodes can then verify, preventing one another from assuming node IDs that correspond to popular URLs, so no one can computationally inexpensively monitor popular URLs for financial gain[2].
Note that the RSA keypair is per-instance of the software and not per user-identity - that when we ask a node if it can sign for some data it's the installation rather than the individual user identity being checked.
[1] https://github.com/psybernetics/synchrony [2] http://www.tm.uka.de/doc/SKademlia_2007.pdf