author Nick Mathewson <nickm@torproject.org> 2023-11-11 21:05:27 -0500
committer Nick Mathewson <nickm@torproject.org> 2023-11-11 22:05:07 -0500
commit a602166da2fffe55e882dd7879ecd82994996a45 (patch)
tree 4a15019be7ac36ef2bda2795c0dc3c6f43aa6894 /spec/tor-spec/relay-keys.md
parent 3c144ee285a97823fc06fca0e56e3af7b0bbf224 (diff)
Revise description of CERTS cells.
Instead of a bunch of unsorted properties, I'm trying to make it more clear why each property is checked. I'm also trying to remove duplication, and move obsolete piles of checks into the "obsolete-channels.md" section.
Diffstat (limited to 'spec/tor-spec/relay-keys.md')
-rw-r--r-- spec/tor-spec/relay-keys.md 26
1 files changed, 15 insertions, 11 deletions
diff --git a/spec/tor-spec/relay-keys.md b/spec/tor-spec/relay-keys.md
index 6086819..aa8f4ec 100644
--- a/spec/tor-spec/relay-keys.md
+++ b/spec/tor-spec/relay-keys.md
@@ -18,7 +18,7 @@ and a `KS_` prefix denotes the corresponding secret key.
> For historical reasons or reasons of space,
> you will sometimes encounter
> multiple English names for the same key,
-> or shortened versions of that name.
+2> or shortened versions of that name.
> The identifier for a key, however,
> should always be unique and unambiguous.
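Review bot: the added line `+2> or shortened versions of that name.` has a stray `2` in front of the `>` quote marker, so the line no longer starts with the blockquote prefix and will render as literal text beginning with "2>" in the middle of the note. That character is the only difference from the removed line, which suggests an accidental keystroke rather than an intended edit. Restore `> or shortened versions of that name.` or drop this hunk from the commit.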
@@ -31,7 +31,7 @@ a relay's identity key `KP_relayid_ed`
MUST NOT also be used
as its medium-term signing key `KP_relaysign_ed`.
-## Identity keys
+## Identity keys {#identity}
An **identity key** is a long-lived key
that uniquely identifies a relay.
@@ -146,15 +146,6 @@ These keys are authenticated with other, longer lived keys.
Relays MAY rotate them as often as they like,
and SHOULD rotate them frequently—typically, at least once a day.
-<!-- TODO: The following should get revised after I revise the channel
- handshake distinction. As it stands I'm not at all sure I can
- describe them correctly. -->
-
-- <span id="legacy_conn_tls">`KP_legacy_conn_tls`, `KS_legacy_conn_tls`</span>:
- A short-term RSA "Connection key" used to negotiate TLS connections.
- Tor implementations MAY rotate this key as often as they like, and
- SHOULD rotate this key at least once a day.
-
- <span id="link_ed">`KP_link_ed`, `KS_link_ed`</span>.
A short-term Ed25519 "link authentication" key, used to authenticate
the link handshake: see
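Review bot: the removed `KP_legacy_conn_tls` entry carried its own rotation rule ("MAY rotate this key as often as they like, and SHOULD rotate this key at least once a day"), and the entry that replaces it later in this patch has no rotation wording at all. After this change the only rotation guidance left is the general sentence in the context lines above ("Relays MAY rotate them as often as they like"), and since the re-added entry sits under a separate "As a convenience" lead-in it is not obvious whether that sentence still covers it. If the rule is being dropped because the key is obsolete, say so in the new entry or in the commit message; if it still matters for describing legacy handshakes, carry the sentence over. The `legacy_conn_tls` span id is preserved by the re-add, so existing links to it keep working.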
@@ -162,5 +153,18 @@ and SHOULD rotate them frequently—typically, at least once a day.
This key is signed by the "signing" key, and should be regenerated frequently.
+- <span id="legacy_linkauth_rsa">`KP_legacy_linkauth_rsa`, `KS_legacy_linkauth_rsa`</span>:
+ A 1024-bit RSA key, used to authenticate the link handshake.
+ (No longer used in modern Tor.)
+ It played a role similar to `KP_link_ed`.
+As a convenience, to describe legacy versions of the link handshake,
+we give a name to the public key used for the TLS handshake itself:
+
+- <span id="legacy_conn_tls">`KP_legacy_conn_tls`, `KS_legacy_conn_tls`</span>:
+ A short term key used to for TLS connections.
+ (No longer used in modern Tor.)
+ This was another name for the server's TLS key,
+ which at the time was required to be an RSA key.
+ It was used in some legacy handshake versions.
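Review bot: there is no blank line between the end of the new `legacy_linkauth_rsa` item (`+ It played a role similar to `KP_link_ed`.`) and the paragraph starting `+As a convenience, to describe legacy versions of the link handshake,`, so Markdown will treat that paragraph as a lazy continuation of the list item instead of a separate lead-in for the next entry. Add an empty line before "As a convenience". Two wording points in the `legacy_conn_tls` entry: "A short term key used to for TLS connections." has a stray "to" (or a missing verb), and "short term" should be hyphenated to match "short-term" in the `KP_link_ed` entry. The entry also says the TLS key "at the time was required to be an RSA key" without a size, while the linkauth entry above it specifies 1024-bit; if the size was constrained as well, state it here for consistency.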