diff options
Diffstat (limited to 'dir-spec.txt')
-rw-r--r-- | dir-spec.txt | 44 |
1 files changed, 39 insertions, 5 deletions
diff --git a/dir-spec.txt b/dir-spec.txt index 1cf3665..0de986f 100644 --- a/dir-spec.txt +++ b/dir-spec.txt @@ -711,7 +711,6 @@ Table of Contents - Any OOM invocation due to memory pressure - Any ntor onionskins are dropped - TCP port exhaustion - - DNS timeout reached The timestamp is when at least one metrics was detected. It should always be at the hour and thus, as an example, "2020-01-10 13:00:00" is an @@ -1331,6 +1330,8 @@ Table of Contents is first added after the relay has been running for at least 24 hours. + (Introduced in tor-0.4.6.1-alpha) + "hidserv-rend-relayed-cells" SP NUM SP key=val SP key=val ... NL [At most once.] "hidserv-rend-v3-relayed-cells" SP NUM SP key=val SP key=val ... NL @@ -1351,6 +1352,8 @@ Table of Contents integer and included as 'NUM'. Note that the overall reported value can be negative. + (Introduced in tor-0.4.6.1-alpha) + "hidserv-dir-onions-seen" SP NUM SP key=val SP key=val ... NL [At most once.] "hidserv-dir-v3-onions-seen" SP NUM SP key=val SP key=val ... NL @@ -1366,6 +1369,8 @@ Table of Contents of this line. Note that the overall reported value can be negative. + (Introduced in tor-0.4.6.1-alpha) + "transport" transportname address:port [arglist] NL [Any number.] @@ -2330,6 +2335,11 @@ Table of Contents "Fast" if the router is suitable for high-bandwidth circuits. "Guard" if the router is suitable for use as an entry guard. "HSDir" if the router is considered a v2 hidden service directory. + "MiddleOnly" if the router is considered unsuitable for + usage other than as a middle relay. Clients do not need + to handle this option, since when it is present, the authorities + will automatically vote against flags that would make the router + usable in other positions. (Since 0.4.7.2-alpha.) "NoEdConsensus" if any Ed25519 key in the router's descriptor or microdescriptor does not reflect authority consensus. "Stable" if the router is suitable for long-lived circuits. @@ -2639,6 +2649,13 @@ Table of Contents authority believes that it's been up for at least 96 hours (or the current value of MinUptimeHidServDirectoryV2). + "MiddleOnly" -- An authority should vote for this flag if it believes + that a relay is unsuitable for use except as a middle relay. When + voting for this flag, the authority should also vote against "Exit", + "Guard", "HsDir", and "V2Dir". When voting for this flag, if the + authority votes on the "BadExit" flag, the authority should vote in + favor of "BadExit". (This flag was added in 0.4.7.2-alpha.) + "NoEdConsensus" -- authorities should not vote on this flag; it is produced as part of the consensus for consensus method 22 or later. @@ -2958,6 +2975,13 @@ Table of Contents "bwweightscale" and "maxunmeasuredbw" parameters correctly when computing votes. + * If consensus method 32 or later is used, authorities handle the + "MiddleOnly" flag specially when computing a consensus. When the + voters agree to include "MiddleOnly" in a routerstatus, they + automatically remove "Exit", "Guard", "V2Dir", and "HSDir". If + the BadExit flag is included in the consensus, they automatically + add it to the routerstatus. + * If consensus method 33 or later is used, and the consensus flavor is "microdesc", then the "Publication" field in the "r" line is set to "2038-01-01 00:00:00". @@ -4167,10 +4191,20 @@ C. Converting a curve25519 public key to an ed25519 public key [Recomputing the sign bit from the private key every time sounds rather strange and inefficient to me… —isis] - Alternatively, without access to the corresponding ed25519 private - key, one may use the Montgomery u-coordinate to recover the - Montgomery v-coordinate by computing the right-hand side of the - Montgomery curve equation: + Note that in addition to its coordinates, an expanded Ed25519 private key + also has a 32-byte random value, "prefix", used to compute internal `r` + values in the signature. For security, this prefix value should be + derived deterministically from the curve25519 key. The Tor + implementation derives it as SHA512(private_key | STR)[0..32], where + STR is the nul-terminated string: + + "Derive high part of ed25519 key from curve25519 key\0" + + + On the client side, where there is no access to the curve25519 private + keys, one may use the curve25519 public key's Montgomery u-coordinate to + recover the Montgomery v-coordinate by computing the right-hand side of + the Montgomery curve equation: bv^2 = u(u^2 + au +1) |