diff options
| -rw-r--r-- | control-spec.txt | 18 | ||||
| -rw-r--r-- | dir-spec.txt | 51 | ||||
| -rw-r--r-- | param-spec.txt | 2 | ||||
| -rw-r--r-- | path-spec.txt | 2 | ||||
| -rw-r--r-- | proposals/000-index.txt | 4 | ||||
| -rw-r--r-- | proposals/318-limit-protovers.md | 3 | ||||
| -rw-r--r-- | proposals/BY_INDEX.md | 2 | ||||
| -rw-r--r-- | proposals/README.md | 2 | ||||
| -rw-r--r-- | rend-spec-v3.txt | 2 |
9 files changed, 51 insertions, 35 deletions
diff --git a/control-spec.txt b/control-spec.txt index a261031..72d3195 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -676,14 +676,8 @@ "desc/all-recent" -- the latest server descriptor for every router that Tor knows about. (See md note about "desc/id" and "desc/name" above.) - "network-status" -- a space-separated list (v1 directory style) - of all known OR identities. This is in the same format as the - router-status line in v1 directories; see dir-spec-v1.txt section - 3 for details. (If VERBOSE_NAMES is enabled, the output will - not conform to dir-spec-v1.txt; instead, the result will be a - space-separated list of LongName, each preceded by a "!" if it is - believed to be not running.) This option is deprecated; use - "ns/all" instead. + "network-status" -- [Deprecated in 0.3.1.1-alpha, removed + in 0.4.5.1-alpha.] "address-mappings/all" "address-mappings/config" @@ -3611,7 +3605,8 @@ configuration option. Tor accepts relative and full path. Message = The log message that the PT sends back to the tor parent process minus the "LOG" string prefix. Formatted as - specified in pt-spec.txt section 3.3.4. + specified in pt-spec.txt section "3.3.4. Pluggable + Transport Log Message". This event is triggered when tor receives a log message from the PT. @@ -3633,11 +3628,12 @@ Program = The program path as defined in the *TransportPlugin configuration option. Tor accepts relative and full path. - Transport = This value indicate a hint on what the PT is such has the + Transport = This value indicate a hint on what the PT is such as the name or the protocol used for instance. Message = The status message that the PT sends back to the tor parent process minus the "STATUS" string prefix. Formatted as - specified in pt-spec.txt section 3.3.5. + specified in pt-spec.txt section "3.3.5 Pluggable + Transport Status Message". This event is triggered when tor receives a log message from the PT. diff --git a/dir-spec.txt b/dir-spec.txt index 858114d..148163d 100644 --- a/dir-spec.txt +++ b/dir-spec.txt @@ -441,7 +441,7 @@ "identity-ed25519" NL "-----BEGIN ED25519 CERT-----" NL certificate "-----END ED25519 CERT-----" NL - [At most once, in second position in document.] + [Exactly once, in second position in document.] [No extra arguments] The certificate is a base64-encoded Ed25519 certificate (see @@ -453,14 +453,18 @@ signed-with-ed25519-key extension (see cert-spec.txt, section 2.2.1), so that we can extract the master identity key. + [Before Tor 0.4.5.1-alpha, this field was optional.] + "master-key-ed25519" SP MasterKey NL - [At most once] + [Exactly once] Contains the base-64 encoded ed25519 master key as a single argument. If it is present, it MUST match the identity key in the identity-ed25519 entry. + [Before Tor 0.4.5.1-alpha, this field was optional.] + "bandwidth" bandwidth-avg bandwidth-burst bandwidth-observed NL [Exactly once] @@ -535,10 +539,9 @@ "onion-key-crosscert" NL a RSA signature in PEM format. - [At most once, required when identity-ed25519 is present] + [Exactly once] [No extra arguments] - This element contains an RSA signature, generated using the onion-key, of the following: @@ -558,9 +561,12 @@ had control over the secret key corresponding to the onion-key. + [Before Tor 0.4.5.1-alpha, this field was optional whenever + identity-ed25519 was absent.] + "ntor-onion-key" base-64-encoded-key - [At most once] + [Exactly once] A curve25519 public key used for the ntor circuit extended handshake. It's the standard encoding of the OR's curve25519 @@ -569,11 +575,13 @@ for at least 1 week after any new key is published in a subsequent descriptor. + [Before Tor 0.4.5.1-alpha, this field was optional.] + "ntor-onion-key-crosscert" SP Bit NL "-----BEGIN ED25519 CERT-----" NL certificate "-----END ED25519 CERT-----" NL - [At most once, required when identity-ed25519 is present] + [Exactly once] [No extra arguments] A signature created with the ntor-onion-key, using the @@ -593,6 +601,9 @@ had control over the secret key corresponding to the ntor-onion-key. + [Before Tor 0.4.5.1-alpha, this field was optional whenever + identity-ed25519 was absent.] + "signing-key" NL a public key in PEM format [Exactly once] @@ -626,8 +637,7 @@ "router-sig-ed25519" SP Signature NL - [At most once.] - [Required when identity-ed25519 is present; forbidden otherwise.] + [Exactly once.] It MUST be the next-to-last element in the descriptor, appearing immediately before the RSA signature. It MUST contain an Ed25519 @@ -642,6 +652,9 @@ The signing key in the identity-ed25519 certificate MUST be the one used to sign the document. + [Before Tor 0.4.5.1-alpha, this field was optional whenever + identity-ed25519 was absent.] + "router-signature" NL Signature NL [At end, exactly once] @@ -819,8 +832,7 @@ "proto" SP Entries NL - [At most one.] - [Will become mandatory at some point after May 2018.] + [Exactly once.] Entries = Entries = Entry @@ -843,10 +855,12 @@ sorted by keyword. Values should be numerically ascending within each entry. (This implies that there should be no overlapping ranges.) Ranges should be represented as compactly as possible. Ints must be no - more than 2^32 - 2. (Yes, 2.) + larger than 63. + + This field was first added in Tor 0.2.9.x. + + [Before Tor 0.4.5.1-alpha, this field was optional.] - This field was first added in Tor 0.2.9.x. Some time after all earlier - Tor relay versions are obsolete, it will become mandatory. 2.1.2. Extra-info document format @@ -1524,13 +1538,15 @@ "ntor-onion-key" SP base-64-encoded-key NL - [At most once] + [Exactly once] The "ntor-onion-key" element as specified in section 2.1.1. (Only included when generating microdescriptors for consensus-method 16 or later.) + [Before Tor 0.4.5.1-alpha, this field was optional.] + "a" SP address ":" port NL [Any number] @@ -1639,10 +1655,12 @@ "pr" SP Entries NL - [At most once.] + [Exactly once.] The "proto" element as specified in section 2.1.1. + [Before Tor 0.4.5.1-alpha, this field was optional.] + (Note that with microdescriptors, clients do not learn the RSA identity of their routers: they only learn a hash of the RSA identity key. This is all they need to confirm the actual identity key when doing a TLS @@ -1770,8 +1788,7 @@ (Note that because of propagation delays, clients and relays may see consensus documents that are up to `DistSeconds` - earlier than this this time, and should not warn about - them.) + earlier than this time, and should not warn about them.) See section 1.4 for voting timeline information. diff --git a/param-spec.txt b/param-spec.txt index e2b23f0..9c9dc44 100644 --- a/param-spec.txt +++ b/param-spec.txt @@ -26,11 +26,13 @@ line of a directory consensus. Min: 0, Max: 1, Default: 1 First-appeared: 0.2.3.3-alpha Default was 0 before: 0.2.9.1-alpha + Removed in 0.4.5.1-alpha; now always on. "usecreatefast" -- Used to control whether clients use the CREATE_FAST handshake on the first hop of their circuits. Min: 0, Max: 1. Default: 1. First-appeared: 0.2.4.23, 0.2.5.2-alpha + Removed in 0.4.5.1-alpha; now always off. "min_paths_for_circs_pct" -- A percentage threshold that determines whether clients believe they have enough directory information to diff --git a/path-spec.txt b/path-spec.txt index d728131..483e37d 100644 --- a/path-spec.txt +++ b/path-spec.txt @@ -124,7 +124,7 @@ of their choices. Here, "enough" directory information is defined as: * Having a consensus that's been valid at some point in the - last REASONABLY_LIVE_TIME interval (24 hourts). + last REASONABLY_LIVE_TIME interval (24 hours). * Having enough descriptors that we could build at least some fraction F of all bandwidth-weighted paths, without taking diff --git a/proposals/000-index.txt b/proposals/000-index.txt index b6658ff..f6ff770 100644 --- a/proposals/000-index.txt +++ b/proposals/000-index.txt @@ -238,7 +238,7 @@ Proposals by number: 315 Updating the list of fields required in directory documents [OPEN] 316 FlashFlow: A Secure Speed Test for Tor (Parent Proposal) [DRAFT] 317 Improve security aspects of DNS name resolution [NEEDS-REVISION] -318 Limit protover values to 0-63 [ACCEPTED] +318 Limit protover values to 0-63 [CLOSED] 319 RELAY_FRAGMENT cells [OPEN] 320 Removing TAP usage from v2 onion services [REJECTED] 321 Better performance and usability for the MyFamily option (v2) [OPEN] @@ -295,7 +295,6 @@ Proposals by status: 311 Tor Relay IPv6 Reachability 312 Tor Relay Automatic IPv6 Address Discovery 313 Tor Relay IPv6 Statistics - 318 Limit protover values to 0-63 META: 000 Index of Tor Proposals 001 The Tor Proposal Process @@ -405,6 +404,7 @@ Proposals by status: 302 Hiding onion service clients using padding [in 0.4.1.1-alpha] 304 Extending SOCKS5 Onion Service Error Codes 305 ESTABLISH_INTRO Cell DoS Defense Extension + 318 Limit protover values to 0-63 [in 0.4.5.1-alpha] SUPERSEDED: 112 Bring Back Pathlen Coin Weight 113 Simplifying directory authority administration diff --git a/proposals/318-limit-protovers.md b/proposals/318-limit-protovers.md index d96a2c7..17e12b2 100644 --- a/proposals/318-limit-protovers.md +++ b/proposals/318-limit-protovers.md @@ -3,7 +3,8 @@ Filename: 318-limit-protovers.md Title: Limit protover values to 0-63. Author: Nick Mathewson Created: 11 May 2020 -Status: Accepted +Status: Closed +Implemented-In: 0.4.5.1-alpha ``` # Limit protover values to 0-63. diff --git a/proposals/BY_INDEX.md b/proposals/BY_INDEX.md index 7c604fa..90a151d 100644 --- a/proposals/BY_INDEX.md +++ b/proposals/BY_INDEX.md @@ -235,7 +235,7 @@ Below are a list of proposals sorted by their proposal number. See * [`315-update-dir-required-fields.txt`](/proposals/315-update-dir-required-fields.txt): Updating the list of fields required in directory documents [OPEN] * [`316-flashflow.md`](/proposals/316-flashflow.md): FlashFlow: A Secure Speed Test for Tor (Parent Proposal) [DRAFT] * [`317-secure-dns-name-resolution.txt`](/proposals/317-secure-dns-name-resolution.txt): Improve security aspects of DNS name resolution [NEEDS-REVISION] -* [`318-limit-protovers.md`](/proposals/318-limit-protovers.md): Limit protover values to 0-63 [ACCEPTED] +* [`318-limit-protovers.md`](/proposals/318-limit-protovers.md): Limit protover values to 0-63 [CLOSED] * [`319-wide-everything.md`](/proposals/319-wide-everything.md): RELAY_FRAGMENT cells [OPEN] * [`320-tap-out-again.md`](/proposals/320-tap-out-again.md): Removing TAP usage from v2 onion services [REJECTED] * [`321-happy-families.md`](/proposals/321-happy-families.md): Better performance and usability for the MyFamily option (v2) [OPEN] diff --git a/proposals/README.md b/proposals/README.md index 6d302ec..904009e 100644 --- a/proposals/README.md +++ b/proposals/README.md @@ -55,7 +55,6 @@ implementation. * [`311-relay-ipv6-reachability.txt`](/proposals/311-relay-ipv6-reachability.txt): Tor Relay IPv6 Reachability * [`312-relay-auto-ipv6-addr.txt`](/proposals/312-relay-auto-ipv6-addr.txt): Tor Relay Automatic IPv6 Address Discovery * [`313-relay-ipv6-stats.txt`](/proposals/313-relay-ipv6-stats.txt): Tor Relay IPv6 Statistics -* [`318-limit-protovers.md`](/proposals/318-limit-protovers.md): Limit protover values to 0-63 ## FINISHED proposals: implemented, specs not merged @@ -233,6 +232,7 @@ necessary. * [`302-padding-machines-for-onion-clients.txt`](/proposals/302-padding-machines-for-onion-clients.txt): Hiding onion service clients using padding * [`304-socks5-extending-hs-error-codes.txt`](/proposals/304-socks5-extending-hs-error-codes.txt): Extending SOCKS5 Onion Service Error Codes * [`305-establish-intro-dos-defense-extention.txt`](/proposals/305-establish-intro-dos-defense-extention.txt): ESTABLISH_INTRO Cell DoS Defense Extension +* [`318-limit-protovers.md`](/proposals/318-limit-protovers.md): Limit protover values to 0-63 ## RESERVE proposals: saving for later diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index 8059017..83c3bdc 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -802,7 +802,7 @@ Table of contents: using the current consensus "valid-after" as specified in section [TIME-PERIODS]. - Then, for each node listed in the current consensus with the HSDirV3 flag, + Then, for each node listed in the current consensus with the HSDir flag, we compute a directory index for that node as: hsdir_index(node) = H("node-idx" | node_identity | |