3.3.5.2.3 Receive Hello + MyGMC Message
If the Hello + MyGMC message is received when the Authenticator is not in the "TLS Connected" state, the message MUST be silently discarded and the connection MUST be terminated.
If the Hello + MyGMC message is received when the Authenticator is in the "TLS Connected" state, the local node MUST:
Validate the remote GMC from the MyGMC part of the message. See section 2.2.5 for validity requirements.
Verify that the remote GMC's public key matches the public key in the remote IDC used in TLS negotiation.
Verify that the GMC's Group Peer Name matches the Group Peer Name to which this node is expecting to connect.
If at any point these verifications fail, the connection MUST be terminated.
Otherwise, the local node MUST do the following:
If the local GMC is expired:
Build a Hello message.
Pass it to the TLS layer for processing.
Pass the message returned by the TLS layer to P2P Graphing to be sent.
Set the Group Connect State datum to "Hello Sent".
Otherwise, the local node MUST:
Build a message containing the Hello message and MyGMC message containing the local GMC chain.
Pass it to the TLS layer for processing.
Pass the message returned by the TLS layer to P2P Graphing to be sent.
Signal P2P Graphing that the Requestor is now connected to the group.
Set the Group Connect State datum to "Authentication Complete".