aboutsummaryrefslogtreecommitdiff
path: root/proposals/326-tor-relay-well-known-uri-rfc8615.md
diff options
context:
space:
mode:
Diffstat (limited to 'proposals/326-tor-relay-well-known-uri-rfc8615.md')
-rw-r--r--proposals/326-tor-relay-well-known-uri-rfc8615.md57
1 files changed, 40 insertions, 17 deletions
diff --git a/proposals/326-tor-relay-well-known-uri-rfc8615.md b/proposals/326-tor-relay-well-known-uri-rfc8615.md
index 4f13835..8bc705a 100644
--- a/proposals/326-tor-relay-well-known-uri-rfc8615.md
+++ b/proposals/326-tor-relay-well-known-uri-rfc8615.md
@@ -1,6 +1,6 @@
```
Filename: 326-tor-relay-well-known-uri-rfc8615.md
-Title: The "tor-relay" Well-Known Resource Identifier
+Title: The "tor-relay" Well-Known Resource Identifier
Author: nusenu
Created: 14 August 2020
Status: Open
@@ -10,22 +10,23 @@ Status: Open
This is a specification for a well-known [registry](https://www.iana.org/assignments/well-known-uris/) entry according to [RFC8615](https://tools.ietf.org/html/rfc8615).
-This resource identifier can be used for serving and finding proofs related to [Tor](https://www.torproject.org/) relay contact information.
-It can also be used for autodiscovery of Tor relays run by a given entity, if the entity domain is known.
-It solves the issue that Tor relay contact information is an unidirectional and unverified claim by nature.
+This resource identifier can be used for serving and finding proofs related to [Tor](https://www.torproject.org/) relay and bridge contact information.
+It can also be used for autodiscovery of Tor relays run by a given entity, if the entity's domain is known.
+It solves the issue that Tor relay/bridge contact information is a unidirectional and unverified claim by nature.
This well-known URI aims to allow the verification of the unidirectional claim.
-It aims to reduce the risk of impersonation attacks, where a Tor relay claims to be operated by a certain entity, but actually isn't.
-The automated verification will also support the [visualization of relay groups](https://gitlab.torproject.org/tpo/metrics/relay-search/-/issues/40001).
+It aims to reduce the risk of impersonation attacks, where a Tor relay/bridge claims to be operated by a certain entity, but actually isn't.
+The automated verification will also support the [visualization of relay/bridge groups](https://gitlab.torproject.org/tpo/metrics/relay-search/-/issues/40001).
-* An initially (unverified) Tor relay contact information might claim to be related to an
-organization by pointing to its website: Tor relay contact information field -> website
-* The "tor-relay" URI allows for the verification of that claim by fetching the files containing Tor relay ID(s) under the specified URI,
-because attackers can not easily place these files at the given location.
+* An initially (unverified) Tor relay or bridge contact information might claim to be related to an
+organization by pointing to its website: Tor relay/bridge contact information field -> website
+* The "tor-relay" URI allows for the verification of that claim by fetching the files containing Tor relay ID(s) or hashed bridge fingerprints
+under the specified URI, because attackers can not easily place these files at the given location.
-* By publishing Tor relay IDs under this URI the website operator claims to be the responsible entity for these Tor relays.
-The verification of listed Tor relay IDs only succeeds if the claim can be verified bidirectionally (website -> relay and relay -> website).
+* By publishing Tor relay IDs or hashed bridge IDs under this URI the website operator claims to be the responsible entity for these Tor relays/bridges.
+The verification of listed Tor relay/bridge IDs only succeeds if the claim can be verified bidirectionally
+(website -> relay/bridge and relay/bridge -> website).
-* This URI is not related to Tor bridges or Tor onion services.
+* This URI is not related to Tor onion services.
* The URL MUST be HTTPS and use a valid TLS certificate from a generally trusted root CA. Plain HTTP MUST not be used.
@@ -34,13 +35,13 @@ The verification of listed Tor relay IDs only succeeds if the claim can be verif
## /.well-known/tor-relay/rsa-fingerprint.txt
* The file contains one or more Tor relay RSA SHA1 fingerprints operated by the entity in control of this website.
-* Each line contains one fingerprint.
+* Each line contains one relay fingerprint.
+* The file MUST NOT contain fingerprints of Tor bridges (or hashes of bridge fingerprints). For bridges see the file `hashed-bridge-rsa-fingerprint.txt`.
* The file may contain comments (starting with #).
-* Non-comment lines must be exactly 40 characters long and consist of the following characters [a-fA-F0-9].
+* Non-comment lines must be exactly 40 characters long and consist of the following characters `[a-fA-F0-9]`.
* Fingerprints are not case-sensitive.
* Each fingerprint MUST appear at most once.
* The file MUST not be larger than one MByte.
-* The file MUST NOT contain fingerprints of Tor bridges (or hashes of bridge fingerprints).
* The content MUST be a media type of "text/plain".
Example file content:
@@ -55,9 +56,10 @@ The RSA SHA1 relay fingerprint can be found in the file named "fingerprint" loca
## /.well-known/tor-relay/ed25519-master-pubkey.txt
* The file contains one or more ed25519 Tor relay public master keys of relays operated by the entity in control of this website.
+* This file is not relevant for bridges.
* Each line contains one public ed25519 master key in its base64 encoded form.
* The file may contain comments (starting with #).
-* Non-comment lines must be exactly 43 characters long and consist of the following characters [a-zA-z0-9/+].
+* Non-comment lines must be exactly 43 characters long and consist of the following characters `[a-zA-z0-9/+]`.
* Each key MUST appear at most once.
* The file MUST not be larger than one MByte.
* The content MUST be a media type of "text/plain".
@@ -73,6 +75,27 @@ bHzOT41w56KHh+w6TYwUhN4KrGwPWQWJX04/+tw/+RU
The base64 encoded ed25519 public master key can be found in the file named "fingerprint-ed25519" located in the Tor data directory on the relay.
+## /.well-known/tor-relay/hashed-bridge-rsa-fingerprint.txt
+
+* The file contains one or more SHA1 hashed Tor bridge SHA1 fingerprints operated by the entity in control of this website.
+* Each line contains one hashed bridge fingerprint.
+* The file may contain comments (starting with #).
+* Non-comment lines must be exactly 40 characters long and consist of the following characters `[a-fA-F0-9]`.
+* Hashed fingerprints are not case-sensitive.
+* Each hashed fingerprint MUST appear at most once.
+* The file MUST not be larger than one MByte.
+* The file MUST NOT contain fingerprints of Tor relays.
+* The content MUST be a media type of "text/plain".
+
+Example file content:
+
+```
+# we operate these Tor bridges
+1234567890123456789012345678901234567ABC
+4234567890123456789012345678901234567890
+```
+
+The hashed Tor bridge fingerprint can be found in the file named "hashed-fingerprint" located in the Tor data directory on the bridge.
# Change Controller
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion