Merge branch 'cert-sign' into 'main'

cert-spec: improve signature formulation See merge request tpo/core/torspec!146
author: Nick Mathewson <nickm@torproject.org> 2023-06-26 13:18:23 +0000
committer: Nick Mathewson <nickm@torproject.org> 2023-06-26 13:18:23 +0000
commit: 769946837e30e1e3e39993065fb3379cb9b1c7ee (patch)
tree: 7049e94a3a05d9cf8a5d7d4abf321c5dd39a5bc7
parent: 1d8636116efe95e05748d97807e1999120f7ddbc (diff)
parent: db8511aff560786949f6666df5d794515631ff0c (diff)
download: torspec-769946837e30e1e3e39993065fb3379cb9b1c7ee.tar.gz
torspec-769946837e30e1e3e39993065fb3379cb9b1c7ee.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/cert-spec.txt b/cert-spec.txt
index 1782141..ef6ec01 100644
--- a/cert-spec.txt
+++ b/cert-spec.txt
@@ -92,8 +92,9 @@ Table of Contents
 
    Before processing any certificate, parties SHOULD know which
    identity key it is supposed to be signed by, and then check the
-   signature.  The signature is formed by signing the first N-64
-   bytes of the certificate.
+   signature.  The signature is created by signing all the fields in
+   the certificate up until "SIGNATURE" (that is, signing
+   sizeof(ed25519_cert) - 64 bytes).
 
 2.2. Basic extensions
author	Nick Mathewson <nickm@torproject.org>	2023-06-26 13:18:23 +0000
committer	Nick Mathewson <nickm@torproject.org>	2023-06-26 13:18:23 +0000
commit	769946837e30e1e3e39993065fb3379cb9b1c7ee (patch)
tree	7049e94a3a05d9cf8a5d7d4abf321c5dd39a5bc7
parent	1d8636116efe95e05748d97807e1999120f7ddbc (diff)
parent	db8511aff560786949f6666df5d794515631ff0c (diff)
download	torspec-769946837e30e1e3e39993065fb3379cb9b1c7ee.tar.gz torspec-769946837e30e1e3e39993065fb3379cb9b1c7ee.zip