diff options
Diffstat (limited to 'spec/rend-spec/deriving-keys.md')
-rw-r--r-- | spec/rend-spec/deriving-keys.md | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/spec/rend-spec/deriving-keys.md b/spec/rend-spec/deriving-keys.md index cbf62fe..e3cca79 100644 --- a/spec/rend-spec/deriving-keys.md +++ b/spec/rend-spec/deriving-keys.md @@ -1,6 +1,6 @@ <a id="rend-spec-v3.txt-2.1"></a> -## Deriving blinded keys and subcredentials {#SUBCRED} +# Deriving blinded keys and subcredentials {#SUBCRED} In each time period (see \[TIME-PERIODS\] for a definition of time periods), a hidden service host uses a different blinded private key @@ -58,7 +58,7 @@ Which Tor servers hosts a hidden service depends on: <a id="rend-spec-v3.txt-2.2.1"></a> -### Dividing time into periods {#TIME-PERIODS} +## Dividing time into periods {#TIME-PERIODS} To prevent a single set of hidden service directory from becoming a target by adversaries looking to permanently censor a hidden service, @@ -90,7 +90,7 @@ after the epoch, at 2016-04-12 12:00 UTC, and ended at 16904*1440*60 + <a id="rend-spec-v3.txt-2.2.2"></a> -### When to publish a hidden service descriptor {#WHEN-HSDESC} +## When to publish a hidden service descriptor {#WHEN-HSDESC} Hidden services periodically publish their descriptor to the responsible HSDirs. The set of responsible HSDirs is determined as specified in @@ -104,7 +104,7 @@ descriptor again to the responsible HSDirs for that time period. <a id="rend-spec-v3.txt-2.2.2.1"></a> -#### Overlapping descriptors {#OVERLAPPING-DESCS} +### Overlapping descriptors {#OVERLAPPING-DESCS} Hidden services need to upload multiple descriptors so that they can be reachable to clients with older or newer consensuses than them. Services @@ -125,7 +125,7 @@ achieved. <a id="rend-spec-v3.txt-2.2.3"></a> -### Where to publish a hidden service descriptor {#WHERE-HSDESC} +## Where to publish a hidden service descriptor {#WHERE-HSDESC} This section specifies how the HSDir hash ring is formed at any given time. Whenever a time value is needed (e.g. to get the current time period @@ -190,7 +190,7 @@ choosing the spread for a replica. <a id="rend-spec-v3.txt-2.2.4"></a> -### Using time periods and SRVs to fetch/upload HS descriptors {#FETCHUPLOADDESC} +## Using time periods and SRVs to fetch/upload HS descriptors {#FETCHUPLOADDESC} Hidden services and clients need to make correct use of time periods (TP) and shared random values (SRVs) to successfully fetch and upload @@ -228,7 +228,7 @@ Let's start with an illustration of the system: <a id="rend-spec-v3.txt-2.2.4.1"></a> -#### Client behavior for fetching descriptors {#CLIENTFETCH} +### Client behavior for fetching descriptors {#CLIENTFETCH} And here is how clients use TPs and SRVs to fetch descriptors: @@ -258,7 +258,7 @@ after SRV#2, it will still use TP#1 and SRV#1. <a id="rend-spec-v3.txt-2.2.4.2"></a> -#### Service behavior for uploading descriptors {#SERVICEUPLOAD} +### Service behavior for uploading descriptors {#SERVICEUPLOAD} As discussed above, services maintain two active descriptors at any time. We call these the "first" and "second" service descriptors. Services rotate @@ -272,7 +272,7 @@ values based on their position in the graph above. Here is the logic: <a id="rend-spec-v3.txt-2.2.4.2.1"></a> -##### First descriptor upload logic {#FIRSTDESCUPLOAD} +#### First descriptor upload logic {#FIRSTDESCUPLOAD} Here is the service logic for uploading its first descriptor: @@ -308,7 +308,7 @@ first descriptor using TP#1 and SRV#1. <a id="rend-spec-v3.txt-2.2.4.2.2"></a> -##### Second descriptor upload logic {#SECONDDESCUPLOAD} +#### Second descriptor upload logic {#SECONDDESCUPLOAD} Here is the service logic for uploading its second descriptor: @@ -342,7 +342,7 @@ second descriptor using TP#2 and SRV#2. <a id="rend-spec-v3.txt-2.2.4.3"></a> -#### Directory behavior for handling descriptor uploads \[DIRUPLOAD\] +### Directory behavior for handling descriptor uploads \[DIRUPLOAD\] Upon receiving a hidden service descriptor publish request, directories MUST check the following: @@ -368,7 +368,7 @@ necessary client credentials (for decrypting the second layer). <a id="rend-spec-v3.txt-2.2.5"></a> -### Expiring hidden service descriptors {#EXPIRE-DESC} +## Expiring hidden service descriptors {#EXPIRE-DESC} Hidden services set their descriptor's "descriptor-lifetime" field to 180 minutes (3 hours). Hidden services ensure that their descriptor will remain @@ -381,7 +381,7 @@ the time period has changed). <a id="rend-spec-v3.txt-2.2.6"></a> -### URLs for anonymous uploading and downloading {#urls} +## URLs for anonymous uploading and downloading {#urls} Hidden service descriptors conforming to this specification are uploaded with an HTTP POST request to the URL `/tor/hs/<version>/publish` relative to @@ -395,7 +395,7 @@ anything else. <a id="rend-spec-v3.txt-2.2.7"></a> -### Client-side validation of onion addresses {#addr-validation} +## Client-side validation of onion addresses {#addr-validation} When a Tor client receives a prop224 onion address from the user, it MUST first validate the onion address before attempting to connect or |