torspec - Tor's protocol specification documents and proposals

Age	Commit message (Collapse)	Author
2016-10-17	prop224: Add a section on the number of introduction points	David Goulet
	Acked-by: George Kadianakis <desnacked@riseup.net> Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-10-11	prop224: Set status from Draft to Open	David Goulet
	In theory, we shouldn't use Draft anymore. Also, part of proposal 224 is being implemented while we are still changing part of it. Acked-by: George Kadianakis <desnacked@riseup.net> Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-10-11	prop224: Minor syntax fix mostly wrapping on 80 chars	David Goulet
	Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-10-11	prop224: Clarify descriptor version format	David Goulet
	Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-09-15	prop224: Change cert type value from 0A to 0B	David Goulet
	Value 0x0A (10) is taken by onion key cross-certifying ntor identity key from proposal 228. Signed-off-by: David Goulet <dgoulet@torproject.org> Signed-off-by: George Kadianakis <asn@torproject.org>
2016-09-06	Correct an error in proposal 224 citing 220	Nick Mathewson

2016-08-25	prop224: Add string prefix to HS descriptor signature.	George Kadianakis

2016-08-24	prop224: Change format of enc-key cross certification	David Goulet
	Use a more standard format from Tor and proposal 220 instead of our own construction. Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-08-24	prop224: Change the publish/fetch HSDir HTTP URL	David Goulet
	Use a more generic way to version the URL for the command so it's much easier to parse in the implementation but also decoupled from the command type. Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-08-12	Merge remote-tracking branch 'teor/prop224-horse'	Nick Mathewson

2016-06-24	prop224: Remove redundant 'ed25519' header from 'auth-key'.	George Kadianakis
	The certificate already denotes the type of key.
2016-06-24	prop224: Minor cleanup of [WHERE-HSDESC] section.	George Kadianakis

2016-06-24	prop224: Specify lifetime of HS descriptors.	George Kadianakis
	Conflicts: proposals/224-rend-spec-ng.txt
2016-06-24	prop224: Specify overlap descriptor upload logic.	George Kadianakis
	Conflicts: proposals/224-rend-spec-ng.txt
2016-05-12	prop224: Some proposed fixes mostly discussed with asn	David Goulet
	Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-05-12	prop224: More trivial fixups.	John Brooks
	- Sectioning fixes
2016-05-12	prop224: Cross-certify all intro keys	John Brooks

2016-05-12	prop224: More improvements.	George Kadianakis
	- Specify credential/subcredential format. - Bump up revision-counter to 64-bits. - Specify descriptor encryption padding.
2016-05-12	prop224: Bump keylen to 2 bytes in all cells.	George Kadianakis

2016-05-12	prop224: Various improvements and XXX removals.	George Kadianakis
	- Replace AES128-CTR with AES256. - Use relay ed25519 identity keys to create the HSDir hash ring. - Accept 0 introduction points in descriptors.
2016-05-12	prop224: Clarify the format of INTRODUCE1 cells	John Brooks
	- Clarify how to distinguish between old and new style cells. - Don't send the encryption key to the introduction point.
2016-05-12	prop224: Add a table of contents to the proposal.	George Kadianakis

2016-05-09	kill the rest of hsdir_spread_accept with fire	Roger Dingledine

2016-05-08	questions from when i was reading through it	Roger Dingledine

2016-05-08	substantive changes that i hope aren't controversial	Roger Dingledine

2016-05-08	easy typo/grammar/etc fixes on prop#224	Roger Dingledine

2016-05-08	Tweak vanity onion scheme to avoid producing invalid keys	teor (Tim Wilson-Brown)
	Also add a reference implementation for the scheme.
2016-05-08	prop224: Clarify behavior when uploading/fetching descriptors.	George Kadianakis
	Specifically concering time periods and SRVs.
2016-05-08	prop224: Clarify descriptor upload section.	George Kadianakis
	Also specify that HSes should re-upload their descriptor every one hour.
2016-05-08	prop224: Revisit how overlap periods work.	George Kadianakis
	Now overlap periods start 6 hours before the start of the next time period.
2016-05-08	prop224: Time periods now start at 12:00UTC and last 24 hours.	George Kadianakis

2016-05-08	prop224: Clarify when we need fresh salt for descriptors.	George Kadianakis

2016-05-08	Revert "prop224: avoid replicas with the same blinded key"	George Kadianakis
	This reverts commit 8df8c0584392240aa8fecbcd2164a4489be7ae1a.
2016-05-08	Revert "prop224: randomise revision-counter to avoid information leaks"	George Kadianakis
	This reverts commit 01119bf1291a40aa309dfb7d76edf790133f05b9.
2016-05-08	prop224: Specify sane use of PRNG once and for all.	George Kadianakis
	Tor is doing the right thing anyway, and specs would look terrible if we have to refer to [RANDOM-REFS] everytime we use random bytes.
2016-04-26	Fix a typo in prop 224 and explain a variable used in a comment	teor (Tim Wilson-Brown)

2016-04-14	prop224: Switch back to a TYPE/LEN/KEY construction for cells.	George Kadianakis
	Nick pointed out that having the length explicit is better for backwards/future compatibility. Also change some field names so that they are mostly uniform throughout the proposal.
2016-04-14	prop224: Fix crypto issues pointed out by Nick.	George Kadianakis
	- No point in using SHAKE with HKDF. Just use SHAKE. - Use our KDF to do key expansion for rendezvous crypto.
2016-04-08	prop224: Remove the MAINT_INTRO feature.	George Kadianakis
	Too complex and not sufficient gain. For full rationale, please see thread: https://lists.torproject.org/pipermail/tor-dev/2016-March/010560.html
2016-04-08	prop224: Clarify backwards compatibility sections slightly.	George Kadianakis

2016-04-08	prop224: Add missing key expansion section for rendezvous crypto.	George Kadianakis

2016-04-08	prop224: Clarify use of shared random values.	George Kadianakis

2016-04-08	prop224: Fix undefined variables in the ntor section.	George Kadianakis

2016-04-08	prop224: In cells, replace TYPE/LEN/KEY with just TYPE/KEY.	George Kadianakis

2016-04-08	prop224: Various improvements.	George Kadianakis
	- Kill last remnants of TAP from the proposal. - Replace SHA256 with SHA3-256 and our KDF with SHAKE. - Make the INTRO_ESTABLISHED cell extensible. - Improve the descriptor format a bit. - Don't be ambiguous about "INTRODUCE" cells (pointed out by malekbr). - Cleanup the scaling section.
2016-04-08	prop224: Minor fixes to descriptor format	John Brooks

2016-04-08	prop224: Some syntax fixes and remove time-period	David Goulet
	Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-11-20	prop224: avoid replicas with the same blinded key	teor (Tim Wilson-Brown)
	Each replicas uses one of multiple blinded keys (and a different descriptor signing key) to avoid HSDirs being able to locate other replicas of the service. In combination with the changes to the salt and revision-counter, this also makes it difficult to link descriptors from the same service at all. If descriptors for different replicas cannot be linked, then it becomes much harder for a malicious HSDir to discover other replicas and attept to DoS them.
2015-11-20	prop224: use a different salt for each replica and upload	teor (Tim Wilson-Brown)
	Use a different salt for each descriptor replica and upload, to avoid matching encrypted blobs, which could be used to link other replicas of the service. If descriptors for different replicas cannot be linked, then it becomes much harder for a malicious HSDir to discover other replicas and attept to DoS them.
2015-11-20	prop224: randomise revision-counter to avoid information leaks	teor (Tim Wilson-Brown)
	Randomise revision-counter start value and increment to avoid leaking: * the descriptor validity start time, * the age of new hidden services, * the stability of a hidden service, * a value that could be used to link other replicas of the service. If descriptors for different replicas cannot be linked, then it becomes much harder for a malicious HSDir to discover other replicas and attept to DoS them.