diff options
| author | George Kadianakis <desnacked@riseup.net> | 2018-04-13 15:11:32 +0300 |
|---|---|---|
| committer | George Kadianakis <desnacked@riseup.net> | 2018-04-13 15:12:36 +0300 |
| commit | 7ad2fff7ef43678411b8e8ba6c40a1aaed27ee28 (patch) | |
| tree | 4c49e416129ff8cdcfdfb0a62a246ff77b5e7959 /cert-spec.txt | |
| parent | a442ab92e84a044ffe90cad37cd517e0f98e1bea (diff) | |
| download | torspec-7ad2fff7ef43678411b8e8ba6c40a1aaed27ee28.tar.gz torspec-7ad2fff7ef43678411b8e8ba6c40a1aaed27ee28.zip | |
Fix inconsistencies on HS v3 spec and cert-spec.txt.
Pointed out by inkylatenoth in:
https://lists.torproject.org/pipermail/tor-dev/2017-October/012527.html
Fixes ticket #24544.
Diffstat (limited to 'cert-spec.txt')
| -rw-r--r-- | cert-spec.txt | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/cert-spec.txt b/cert-spec.txt index 05f17f4..95c303f 100644 --- a/cert-spec.txt +++ b/cert-spec.txt @@ -72,8 +72,7 @@ Before processing any certificate, parties SHOULD know which identity key it is supposed to be signed by, and then check the signature. The signature is formed by signing the first N-64 - bytes of the certificate prefixed with the string "Tor node - signing key certificate v1". + bytes of the certificate. 2.2. Basic extensions @@ -159,7 +158,6 @@ A.3. List of signature prefixes We describe various documents as being signed with a prefix. Here are those prefixes: - "Tor node signing key certificate v1" (section 2.1) "Tor router descriptor signature v1" (see dir-spec.txt) A.4. List of certified key types @@ -167,4 +165,9 @@ A.4. List of certified key types [01] ed25519 key [02] SHA256 hash of an RSA key [03] SHA256 hash of an X.509 certificate + [08] short-term HS descriptor signing key, signed with blinded public key (rend-spec-v3.txt) + [09] intro point authentication key, cross-certifying the HS descriptor + signing key (rend-spec-v3.txt) + [0B] ed25519 key derived from the curve25519 intro point encryption key, + cross-certifying the HS descriptor signing key (rend-spec-v3.txt) |