cert-spec: improve signature formulation

I personally had a hard time implementing the signature validation in Ed25519 certificates, as I have misinterpreted it as signing only the first 64 bytes. I hope that this patch puts more clearance into the material.
author: Emil Engler <me@emilengler.com> 2023-06-25 16:36:48 +0200
committer: Emil Engler <me@emilengler.com> 2023-06-25 16:36:48 +0200
commit: db8511aff560786949f6666df5d794515631ff0c (patch)
tree: 7049e94a3a05d9cf8a5d7d4abf321c5dd39a5bc7 /cert-spec.txt
parent: 1d8636116efe95e05748d97807e1999120f7ddbc (diff)
download: torspec-db8511aff560786949f6666df5d794515631ff0c.tar.gz
torspec-db8511aff560786949f6666df5d794515631ff0c.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/cert-spec.txt b/cert-spec.txt
index 1782141..ef6ec01 100644
--- a/cert-spec.txt
+++ b/cert-spec.txt
@@ -92,8 +92,9 @@ Table of Contents
 
    Before processing any certificate, parties SHOULD know which
    identity key it is supposed to be signed by, and then check the
-   signature.  The signature is formed by signing the first N-64
-   bytes of the certificate.
+   signature.  The signature is created by signing all the fields in
+   the certificate up until "SIGNATURE" (that is, signing
+   sizeof(ed25519_cert) - 64 bytes).
 
 2.2. Basic extensions
author	Emil Engler <me@emilengler.com>	2023-06-25 16:36:48 +0200
committer	Emil Engler <me@emilengler.com>	2023-06-25 16:36:48 +0200
commit	db8511aff560786949f6666df5d794515631ff0c (patch)
tree	7049e94a3a05d9cf8a5d7d4abf321c5dd39a5bc7 /cert-spec.txt
parent	1d8636116efe95e05748d97807e1999120f7ddbc (diff)
download	torspec-db8511aff560786949f6666df5d794515631ff0c.tar.gz torspec-db8511aff560786949f6666df5d794515631ff0c.zip