diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-09-19 14:39:55 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-09-19 14:39:55 -0400 |
| commit | 72993063dcda1f9bcbde59c399d42777ba0d0af1 (patch) | |
| tree | f0c5e4b94fa6651072ea987b777cb44c23e49bca /rend-spec-v3.txt | |
| parent | 471af27b55ff3894551109b45848f2ce1002441b (diff) | |
| download | torspec-72993063dcda1f9bcbde59c399d42777ba0d0af1.tar.gz torspec-72993063dcda1f9bcbde59c399d42777ba0d0af1.zip | |
Mark unimplemented parts of rend-spec-v3
Diffstat (limited to 'rend-spec-v3.txt')
| -rw-r--r-- | rend-spec-v3.txt | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index 5540f2e..ef5f940 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -463,6 +463,8 @@ Table of contents: optional client authorization is enabled, the service may additionally require the client to prove knowledge of a pre-shared private key. + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + 1.4. In more detail: Distributing hidden service descriptors. [IMD:DIST] Periodically, hidden service descriptors become stored at different @@ -535,6 +537,9 @@ Table of contents: secret master identity key. The secret blinded signing key should only be used to create credentials for the descriptor signing keys. + (NOTE: although the protocol allows them, offline keys are not + implemented as of 0.3.2.1-alpha.) + 1.8. In more detail: Encryption Keys And Replay Resistance To avoid replays of an introduction request by an introduction point, @@ -635,6 +640,8 @@ Table of contents: [TODO: Also specify stealth client authorization.] + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + 2. Generating and publishing hidden service descriptors [HSDIR] Hidden service descriptors follow the same metaformat as other Tor @@ -1174,6 +1181,8 @@ Table of contents: [Any number] + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + When client authorization is enabled, the hidden service inserts an "auth-client" line for each of its authorized clients. If client authorization is disabled, the fields here can be populated with random @@ -2269,6 +2278,9 @@ Appendix F. Hidden service directory format [HIDSERVDIR-FORMAT] as the ~/.ssh/authorized_keys of onion services. See [CLIENT-AUTH-MGMT] for more details. + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + + - "./client_authorized_privkeys/" [DIRECTORY] "./client_authorized_privkeys/alice.privkey" [FILE] "./client_authorized_privkeys/bob.privkey" [FILE] @@ -2279,6 +2291,8 @@ Appendix F. Hidden service directory format [HIDSERVDIR-FORMAT] then this directory contains files with client's private keys. See [CLIENT-AUTH-MGMT] for more details. + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + Appendix E. Managing authorized client data [CLIENT-AUTH-MGMT] Hidden services and clients can configure their authorized client data either @@ -2286,6 +2300,8 @@ Appendix E. Managing authorized client data [CLIENT-AUTH-MGMT] scheme for configuring client authorization. Please see appendix [HIDSERVDIR-FORMAT] for more information about relevant hidden service files. + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + E.1. Configuring client authorization using torrc E.1.1. Hidden Service side |