diff options
| author | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2023-01-17 18:10:51 +0000 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2023-01-19 10:20:45 -0500 |
| commit | 90919950d131cb9a0b6bae4778822d0c565757eb (patch) | |
| tree | 685fdd2af867d561f4b3337b1cd549de72ced70a | |
| parent | 1d5ba4f51a302992b9c29a2aca1c8f6bf4f29872 (diff) | |
| download | torspec-90919950d131cb9a0b6bae4778822d0c565757eb.tar.gz torspec-90919950d131cb9a0b6bae4778822d0c565757eb.zip | |
Use _ed rather than _ntor for ed25519 keys
Even the ones that are actually ntor. Perhaps that's wrong and those
should be ntor? Personally I like it this way.
| -rw-r--r-- | rend-spec-v3.txt | 4 | ||||
| -rw-r--r-- | tor-spec.txt | 12 |
2 files changed, 8 insertions, 8 deletions
diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index bc565fa..4d598cc 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -586,7 +586,7 @@ Table of contents: KP_hsid, KS_hsid. For services which run on a relay, this key SHOULD NOT be the - same as the Tor instance's KP_relayid_ntor. + same as the Tor instance's KP_relayid_ed. Blinded signing key -- A keypair derived from the identity key, used to sign descriptor signing keys. It changes periodically for @@ -631,7 +631,7 @@ Table of contents: Public/private keypairs defined elsewhere: - Onion key -- Short-term encryption keypair (K_onion_ntor). + Onion key -- Short-term encryption keypair (K_onion_ed). (Node) identity key (K_relayid). diff --git a/tor-spec.txt b/tor-spec.txt index 6654e0e..c21fe49 100644 --- a/tor-spec.txt +++ b/tor-spec.txt @@ -252,30 +252,30 @@ see tor-design.pdf. longer advertised. Because of this, relays MUST retain old keys for a while after they're rotated. (See "onion key lifetime parameters" in dir-spec.txt.) - KP_onion_ntor, KS_onion_ntor. + KP_onion_ed, KS_onion_ed. These are Ed25519 keys: - A long-term "master identity" key. This key never changes; it is used only to sign the "signing" key below. It may be kept offline. - KP_relayid_ntor, KS_relayid_ntor. + KP_relayid_ed, KS_relayid_ed. - A medium-term "signing" key. This key is signed by the master identity key, and must be kept online. A new one should be generated periodically. It signs nearly everything else. - KP_relaysign_ntor, KS_relaysign_ntor. + KP_relaysign_ed, KS_relaysign_ed. - A short-term "link authentication" key, used to authenticate the link handshake: see section 4 below. This key is signed by the "signing" key, and should be regenerated frequently. - KP_link_ntor, KS_link_ntor. + KP_link_ed, KS_link_ed. KP_relayid_* together identify a router uniquely. Once a router - has used a KP_relayid_ntor (an Ed25519 master identity key) + has used a KP_relayid_ed (an Ed25519 master identity key) together with a given KP_relayid_rsa (RSA identity key), neither of those keys may ever be used with a different key. We write KP_relayid to refer to a key which is either - KP_relayid_rsa or KP_relayid_ntor. + KP_relayid_rsa or KP_relayid_ed. 2. Connections |