diff options
author | Nick Mathewson <nickm@torproject.org> | 2023-11-11 21:05:27 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2023-11-11 22:05:07 -0500 |
commit | a602166da2fffe55e882dd7879ecd82994996a45 (patch) | |
tree | 4a15019be7ac36ef2bda2795c0dc3c6f43aa6894 /spec/cert-spec.md | |
parent | 3c144ee285a97823fc06fca0e56e3af7b0bbf224 (diff) | |
download | torspec-a602166da2fffe55e882dd7879ecd82994996a45.tar.gz torspec-a602166da2fffe55e882dd7879ecd82994996a45.zip |
Revise description of CERTS cells.
Instead of a bunch of unsorted properties,
I'm trying to make it more clear why each property is checked.
I'm also trying to remove duplication, and move obsolete piles of
checks into the "obsolete-channels.md" section.
Diffstat (limited to 'spec/cert-spec.md')
-rw-r--r-- | spec/cert-spec.md | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/spec/cert-spec.md b/spec/cert-spec.md index ed827cd..873c258 100644 --- a/spec/cert-spec.md +++ b/spec/cert-spec.md @@ -168,7 +168,7 @@ during channel negotiation. |------| ------------- | ------ | ----------------------- | ------------ | --------- | ----- | |`[01]`| `TLS_LINK_X509` | [X.509]| [`KP_legacy_conn_tls`] | [`KS_relayid_rsa`] | [Legacy channel negotiation] | Obsolete | |`[02]`| `RSA_ID_X509` | [X.509]| [`KP_relayid_rsa`] | [`KS_relayid_rsa`] | [Legacy channel negotiation] | Obsolete | -|`[03]`| `LINK_AUTH_X509` | [X.509]| ? | ? | [Legacy channel negotiation] | Obsolete | +|`[03]`| `LINK_AUTH_X509` | [X.509]| [`KP_legacy_linkauth_rsa`]|[`KS_relayid_rsa`] | [Legacy channel negotiation] | Obsolete | |`[04]`| `IDENTITY_V_SIGNING` |[Ed]| [`KP_relaysign_ed`] | [`KS_relayid_ed`] | [Online signing keys] | | |`[05]`| `SIGNING_V_TLS_CERT` |[Ed]| A TLS certificate | [`KS_relaysign_ed`] | [CERTS cells] | | |`[06]`| `SIGNING_V_LINK_AUTH`|[Ed]| [`KP_link_ed`] | [`KS_relaysign_ed`] | [CERTS cells] | | @@ -178,13 +178,11 @@ during channel negotiation. |`[0A]`| `NTOR_CC_IDENTITY` |[Ed]| [`KP_relayid_ed`] | [`EdCvt`]`(`[`KS_ntor`]`)` | [ntor cross-cert] | | |`[0B]`| `HS_IP_CC_SIGNING` |[Ed]| [`KP_hss_ntor`] | [`KS_hs_desc_sign`] | [HsDesc (`enc-key-cert`)] | Backwards, see [note 1](#note-1) | - -<!-- TODO: Figure out what [03] was for! --> - [X.509]: #x509 [Rsa]: #rsa-cross-cert [Ed]: #ed-certs [`KP_legacy_conn_tls`]: ./tor-spec/relay-keys.md#legacy_conn_tls +[`KP_legacy_linkauth_rsa`]: ./tor-spec/relay-keys.md#legacy_linkauth_rsa [`KP_relayid_rsa`]: ./tor-spec/relay-keys.md#relayid_rsa [`KP_relaysign_ed`]: ./tor-spec/relay-keys.md#relaysign_ed [`KP_relayid_ed`]: ./tor-spec/relay-keys.md#relayid_ed @@ -221,6 +219,7 @@ are given in the table. They were originally meant to be the inverse of this order. </span> + <a id="cert-spec.txt-A.2"></a> ## List of extension types { #list-ext-types } |