summaryrefslogtreecommitdiff
path: root/doc/spec/proposals/162-consensus-flavors.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/spec/proposals/162-consensus-flavors.txt')
-rw-r--r--doc/spec/proposals/162-consensus-flavors.txt32
1 files changed, 21 insertions, 11 deletions
diff --git a/doc/spec/proposals/162-consensus-flavors.txt b/doc/spec/proposals/162-consensus-flavors.txt
index 8fdf9d07bf..e3b697afee 100644
--- a/doc/spec/proposals/162-consensus-flavors.txt
+++ b/doc/spec/proposals/162-consensus-flavors.txt
@@ -72,9 +72,11 @@ Spec modifications:
design.
In addition to the consensus currently served at
- /tor/status-vote/(current|next)/consensus.z , authorities serve
- another consensus of each flavor "F" from the location
- /tor/status-vote/(current|next)/F/consensus.z.
+ /tor/status-vote/(current|next)/consensus.z and
+ /tor/status-vote/(current|next)/consensus/<FP1>+<FP2>+<FP3>+....z ,
+ authorities serve another consensus of each flavor "F" from the
+ locations /tor/status-vote/(current|next)/consensus-F.z. and
+ /tor/status-vote/(current|next)/consensus-F/<FP1>+....z.
When caches serve these documents, they do so from the same
locations.
@@ -91,9 +93,18 @@ Spec modifications:
3. Document format: detached signatures.
- In addition to the current detached signature format, we allow
- the first line to take the form,
- "consensus-digest" SP flavor SP 1*(Algname "=" Digest) NL
+ We amend the detached signature format to include more than one
+ consensus-digest line, and more than one set of signatures.
+
+ After the consensus-digest line, we allow more lines of the form:
+ "additional-digest" SP flavor SP algname SP digest NL
+
+ Before the directory-signature lines, we allow more entries of the form:
+ "additional-signature" SP flavor SP algname SP identity SP
+ signing-key-digest NL signature.
+
+ [We do not use "consensus-digest" or "directory-signature" for flavored
+ consensuses, since this could confuse older Tors.]
The consensus-signatures URL should contain the signatures
for _all_ flavors of consensus.
@@ -139,11 +150,10 @@ Spec modifications:
4.1. The "sha256" signature format.
The 'SHA256' signature format for directory objects is defined as
- the RSA signature of the OAEP+-padded SHA256 digest of the SHA256
- digest of the item to be signed. When checking signatures,
- the signature MUST be treated as valid if the signature material
- begins with SHA256(SHA256(document)); this allows us to add other
- data later.
+ the RSA signature of the OAEP+-padded SHA256 digest of the item to
+ be signed. When checking signatures, the signature MUST be treated
+ as valid if the signature material begins with SHA256(document);
+ this allows us to add other data later.
Considerations:
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion