From 674befc327f8ff0d66cd16fd3a4f7da0229db708 Mon Sep 17 00:00:00 2001 From: nusenu <360-nusenu@gitlab.torproject.org> Date: Sun, 29 May 2022 10:07:50 +0000 Subject: add hashed-bridge-rsa-fingerprint.txt since contactinfo for bridges is also public now, we add support for bridges --- proposals/326-tor-relay-well-known-uri-rfc8615.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/proposals/326-tor-relay-well-known-uri-rfc8615.md b/proposals/326-tor-relay-well-known-uri-rfc8615.md index 4f13835..35bb942 100644 --- a/proposals/326-tor-relay-well-known-uri-rfc8615.md +++ b/proposals/326-tor-relay-well-known-uri-rfc8615.md @@ -73,6 +73,25 @@ bHzOT41w56KHh+w6TYwUhN4KrGwPWQWJX04/+tw/+RU The base64 encoded ed25519 public master key can be found in the file named "fingerprint-ed25519" located in the Tor data directory on the relay. +## /.well-known/tor-relay/hashed-bridge-rsa-fingerprint.txt + +* The file contains one or more SHA1 hashed Tor bridge SHA1 fingerprints operated by the entity in control of this website. +* Each line contains one hashed fingerprint. +* The file may contain comments (starting with #). +* Non-comment lines must be exactly 40 characters long and consist of the following characters [a-fA-F0-9]. +* Hashed fingerprints are not case-sensitive. +* Each hashed fingerprint MUST appear at most once. +* The file MUST not be larger than one MByte. +* The file MUST NOT contain fingerprints of Tor relays. +* The content MUST be a media type of "text/plain". + +Example file content: + +``` +# we operate these Tor bridges +1234567890123456789012345678901234567ABC +4234567890123456789012345678901234567890 +``` # Change Controller -- cgit v1.2.3-54-g00ecf From 7e505e651695122fd46404643ca9ea149bbfbb13 Mon Sep 17 00:00:00 2001 From: nusenu <360-nusenu@gitlab.torproject.org> Date: Wed, 1 Jun 2022 18:04:52 +0000 Subject: add info on where to find hashed bridge fingerprin as suggested by meskio make clear that the ed25519 file is not relevant for bridges --- proposals/326-tor-relay-well-known-uri-rfc8615.md | 34 +++++++++++++---------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/proposals/326-tor-relay-well-known-uri-rfc8615.md b/proposals/326-tor-relay-well-known-uri-rfc8615.md index 35bb942..2f820ea 100644 --- a/proposals/326-tor-relay-well-known-uri-rfc8615.md +++ b/proposals/326-tor-relay-well-known-uri-rfc8615.md @@ -10,22 +10,23 @@ Status: Open This is a specification for a well-known [registry](https://www.iana.org/assignments/well-known-uris/) entry according to [RFC8615](https://tools.ietf.org/html/rfc8615). -This resource identifier can be used for serving and finding proofs related to [Tor](https://www.torproject.org/) relay contact information. -It can also be used for autodiscovery of Tor relays run by a given entity, if the entity domain is known. -It solves the issue that Tor relay contact information is an unidirectional and unverified claim by nature. +This resource identifier can be used for serving and finding proofs related to [Tor](https://www.torproject.org/) relay and bridge contact information. +It can also be used for autodiscovery of Tor relays run by a given entity, if the entity's domain is known. +It solves the issue that Tor relay/bridge contact information is an unidirectional and unverified claim by nature. This well-known URI aims to allow the verification of the unidirectional claim. -It aims to reduce the risk of impersonation attacks, where a Tor relay claims to be operated by a certain entity, but actually isn't. -The automated verification will also support the [visualization of relay groups](https://gitlab.torproject.org/tpo/metrics/relay-search/-/issues/40001). +It aims to reduce the risk of impersonation attacks, where a Tor relay/bridge claims to be operated by a certain entity, but actually isn't. +The automated verification will also support the [visualization of relay/bridge groups](https://gitlab.torproject.org/tpo/metrics/relay-search/-/issues/40001). -* An initially (unverified) Tor relay contact information might claim to be related to an -organization by pointing to its website: Tor relay contact information field -> website -* The "tor-relay" URI allows for the verification of that claim by fetching the files containing Tor relay ID(s) under the specified URI, -because attackers can not easily place these files at the given location. +* An initially (unverified) Tor relay or bridge contact information might claim to be related to an +organization by pointing to its website: Tor relay/bridge contact information field -> website +* The "tor-relay" URI allows for the verification of that claim by fetching the files containing Tor relay ID(s) or hashed bridge fingerprints +under the specified URI, because attackers can not easily place these files at the given location. -* By publishing Tor relay IDs under this URI the website operator claims to be the responsible entity for these Tor relays. -The verification of listed Tor relay IDs only succeeds if the claim can be verified bidirectionally (website -> relay and relay -> website). +* By publishing Tor relay IDs or hashed bridge IDs under this URI the website operator claims to be the responsible entity for these Tor relays/bridges. +The verification of listed Tor relay/bridge IDs only succeeds if the claim can be verified bidirectionally +(website -> relay/bridge and relay/bridge -> website). -* This URI is not related to Tor bridges or Tor onion services. +* This URI is not related to Tor onion services. * The URL MUST be HTTPS and use a valid TLS certificate from a generally trusted root CA. Plain HTTP MUST not be used. @@ -34,13 +35,13 @@ The verification of listed Tor relay IDs only succeeds if the claim can be verif ## /.well-known/tor-relay/rsa-fingerprint.txt * The file contains one or more Tor relay RSA SHA1 fingerprints operated by the entity in control of this website. -* Each line contains one fingerprint. +* Each line contains one relay fingerprint. +* The file MUST NOT contain fingerprints of Tor bridges (or hashes of bridge fingerprints). For bridges see the file `hashed-bridge-rsa-fingerprint.txt`. * The file may contain comments (starting with #). * Non-comment lines must be exactly 40 characters long and consist of the following characters [a-fA-F0-9]. * Fingerprints are not case-sensitive. * Each fingerprint MUST appear at most once. * The file MUST not be larger than one MByte. -* The file MUST NOT contain fingerprints of Tor bridges (or hashes of bridge fingerprints). * The content MUST be a media type of "text/plain". Example file content: @@ -55,6 +56,7 @@ The RSA SHA1 relay fingerprint can be found in the file named "fingerprint" loca ## /.well-known/tor-relay/ed25519-master-pubkey.txt * The file contains one or more ed25519 Tor relay public master keys of relays operated by the entity in control of this website. +* This file is not relevant for bridges. * Each line contains one public ed25519 master key in its base64 encoded form. * The file may contain comments (starting with #). * Non-comment lines must be exactly 43 characters long and consist of the following characters [a-zA-z0-9/+]. @@ -76,7 +78,7 @@ The base64 encoded ed25519 public master key can be found in the file named "fin ## /.well-known/tor-relay/hashed-bridge-rsa-fingerprint.txt * The file contains one or more SHA1 hashed Tor bridge SHA1 fingerprints operated by the entity in control of this website. -* Each line contains one hashed fingerprint. +* Each line contains one hashed bridge fingerprint. * The file may contain comments (starting with #). * Non-comment lines must be exactly 40 characters long and consist of the following characters [a-fA-F0-9]. * Hashed fingerprints are not case-sensitive. @@ -93,6 +95,8 @@ Example file content: 4234567890123456789012345678901234567890 ``` +The hashed Tor bridge fingerprint can be found in the file named "hashed-fingerprint" located in the Tor data directory on the bridge. + # Change Controller Tor Project Development Mailing List -- cgit v1.2.3-54-g00ecf