Tweak proposals 220 and 224 to make them work with trunnel

2 files changed, 19 insertions, 20 deletions

diff --git a/proposals/220-ecc-id-keys.txt b/proposals/220-ecc-id-keys.txt
index d4ed4e8..95ed4dd 100644
--- a/proposals/220-ecc-id-keys.txt
+++ b/proposals/220-ecc-id-keys.txt
@@ -75,7 +75,7 @@ Status: Draft
 
          VERSION         [1 Byte]
          CERT_TYPE       [1 Byte]
-         EXPIRATION_DATE [3 Bytes]
+         EXPIRATION_DATE [4 Bytes]
          CERT_KEY_TYPE   [1 byte]
          CERTIFIED_KEY   [32 Bytes]
          N_EXTENSIONS    [1 byte]
@@ -88,8 +88,8 @@ Status: Draft
    CERT_KEY_TYPE is [01], or a SHA256 hash of some other key type
    depending on the value of CERT_KEY_TYPE. The EXPIRATION_DATE is a
    date, given in HOURS since the epoch, after which this
-   certificate isn't valid. (A three-byte field here will work fine
-   until 5797 A.D.)
+   certificate isn't valid. (A four-byte field here will work fine
+   until 10136 A.D.)
 
    The EXTENSIONS field contains zero or more extensions, each of
    the format:
@@ -142,8 +142,9 @@ Status: Draft
          IDENTITY_KEY    [32 Bytes]
          REVOKED_KEY     [32 Bytes]
          PUBLISHED       [8 Bytes]
-         REV_EXTENSIONS  [variable length, up to length of revocation
-                          document minus 64 bytes]
+         N_EXTENSIONS    [1 Byte]
+           N_EXTENSIONS_TIMES:
+           EXTENSIONS      [N_EXTENSIONS times]
          SIGNATURE       [64 Bytes]
 
    FIXED_PREFIX is "REVOKEID" or "REVOKESK". VERSION is [01]. KEYTYPE is
diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt
index b8f0f04..01c682a 100644
--- a/proposals/224-rend-spec-ng.txt
+++ b/proposals/224-rend-spec-ng.txt
@@ -968,11 +968,11 @@ Status: Draft
      AUTH_KEY_TYPE    [1 byte]
      AUTH_KEY_LEN     [1 byte]
      AUTH_KEY         [AUTH_KEY_LEN bytes]
-     Any number of times:
+     N_EXTENSIONS     [1 byte]
+     N_EXTENSIONS times:
         EXT_FIELD_TYPE [1 byte]
         EXT_FIELD_LEN  [1 byte]
         EXT_FIELD      [EXTRA_FIELD_LEN bytes]
-     ZERO             [1 byte]
      HANDSHAKE_AUTH   [MAC_LEN bytes]
      SIGLEN           [1 byte]
      SIG              [SIGLEN bytes]
@@ -998,9 +998,6 @@ Status: Draft
    future extensions to the introduction protocol. Extensions with
    unrecognized EXT_FIELD_TYPE values must be ignored.
 
-   The ZERO field contains the byte zero; it marks the end of the
-   extension fields.
-
    The HANDSHAKE_AUTH field contains the MAC of all earlier fields in
    the cell using as its key the shared per-circuit material ("KH")
    generated during the circuit extension protocol; see tor-spec.txt
@@ -1170,11 +1167,11 @@ Status: Draft
 
      AUTH_KEYID      [32 bytes]
      ENC_KEYID       [8 bytes]
-     Any number of times:
+     N_EXTENSIONS    [1 Byte]
+     N_EXTENSIONS times:
        EXT_FIELD_TYPE [1 byte]
        EXT_FIELD_LEN  [1 byte]
        EXT_FIELD      [EXTRA_FIELD_LEN bytes]
-     ZERO             [1 byte]
      ENCRYPTED        [Up to end of relay payload]
 
    [TODO: Should we have a field to determine the type of ENCRYPTED, or
@@ -1204,8 +1201,9 @@ Status: Draft
 3.2.2. INTRODUCE_ACK cell format. [INTRO_ACK]
 
    An INTRODUCE_ACK cell has the following fields:
-     STATUS    [2 bytes]
-     Any number of times:
+     STATUS       [2 bytes]
+     N_EXTENSIONS [1 bytes]
+     N_EXTENSIONS times:
        EXT_FIELD_TYPE [1 byte]
        EXT_FIELD_LEN  [1 byte]
        EXT_FIELD      [EXTRA_FIELD_LEN bytes]
@@ -1231,11 +1229,11 @@ Status: Draft
 
      AUTH_KEYID_HASH  [20 bytes]
      ENC_KEYID        [8 bytes]
-     Any number of times:
+
        EXT_FIELD_TYPE [1 byte]
        EXT_FIELD_LEN  [1 byte]
        EXT_FIELD      [EXTRA_FIELD_LEN bytes]
-     ZERO             [1 byte]
+
      ENCRYPTED        [Up to end of relay payload]
 
    Here, AUTH_KEYID_HASH is the hash of the introduction point
@@ -1270,11 +1268,11 @@ Status: Draft
    The decrypted plaintext must have the form:
 
       RENDEZVOUS_COOKIE                          [20 bytes]
-      Any number of times:
+      N_EXTENSIONS                               [1 byte]
+      N_EXTENSIONS times:
           EXT_FIELD_TYPE                         [1 byte]
           EXT_FIELD_LEN                          [1 byte]
           EXT_FIELD                              [EXTRA_FIELD_LEN bytes]
-      ZERO                                       [1 byte]
       ONION_KEY_TYPE                             [2 bytes]
       ONION_KEY                                  [depends on ONION_KEY_TYPE]
       NSPEC      (Number of link specifiers)     [1 byte]
@@ -1377,11 +1375,11 @@ Status: Draft
 
             AUTH_KEYID                  [32 bytes]
             ENC_KEYID                   [8 bytes]
-            Any number of times:
+            N_EXTENSIONS                [1 bytes]
+            N_EXTENSIONS times:
                EXT_FIELD_TYPE           [1 byte]
                EXT_FIELD_LEN            [1 byte]
                EXT_FIELD                [EXTRA_FIELD_LEN bytes]
-            ZERO                        [1 byte]
             ENCRYPTED:
                CLIENT_PK                [G_LENGTH bytes]
                ENCRYPTED_DATA           [Padded to length of plaintext]