From 72993063dcda1f9bcbde59c399d42777ba0d0af1 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 19 Sep 2017 14:39:55 -0400 Subject: Mark unimplemented parts of rend-spec-v3 --- rend-spec-v3.txt | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'rend-spec-v3.txt') diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index 5540f2e..ef5f940 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -463,6 +463,8 @@ Table of contents: optional client authorization is enabled, the service may additionally require the client to prove knowledge of a pre-shared private key. + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + 1.4. In more detail: Distributing hidden service descriptors. [IMD:DIST] Periodically, hidden service descriptors become stored at different @@ -535,6 +537,9 @@ Table of contents: secret master identity key. The secret blinded signing key should only be used to create credentials for the descriptor signing keys. + (NOTE: although the protocol allows them, offline keys are not + implemented as of 0.3.2.1-alpha.) + 1.8. In more detail: Encryption Keys And Replay Resistance To avoid replays of an introduction request by an introduction point, @@ -635,6 +640,8 @@ Table of contents: [TODO: Also specify stealth client authorization.] + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + 2. Generating and publishing hidden service descriptors [HSDIR] Hidden service descriptors follow the same metaformat as other Tor @@ -1174,6 +1181,8 @@ Table of contents: [Any number] + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + When client authorization is enabled, the hidden service inserts an "auth-client" line for each of its authorized clients. If client authorization is disabled, the fields here can be populated with random @@ -2269,6 +2278,9 @@ Appendix F. Hidden service directory format [HIDSERVDIR-FORMAT] as the ~/.ssh/authorized_keys of onion services. See [CLIENT-AUTH-MGMT] for more details. + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + + - "./client_authorized_privkeys/" [DIRECTORY] "./client_authorized_privkeys/alice.privkey" [FILE] "./client_authorized_privkeys/bob.privkey" [FILE] @@ -2279,6 +2291,8 @@ Appendix F. Hidden service directory format [HIDSERVDIR-FORMAT] then this directory contains files with client's private keys. See [CLIENT-AUTH-MGMT] for more details. + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + Appendix E. Managing authorized client data [CLIENT-AUTH-MGMT] Hidden services and clients can configure their authorized client data either @@ -2286,6 +2300,8 @@ Appendix E. Managing authorized client data [CLIENT-AUTH-MGMT] scheme for configuring client authorization. Please see appendix [HIDSERVDIR-FORMAT] for more information about relevant hidden service files. + (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.) + E.1. Configuring client authorization using torrc E.1.1. Hidden Service side -- cgit v1.2.3-54-g00ecf