commit 65c048ea31a10e8c30a3c9e4dd3d92bad8f7eccb Author: Linus Nordberg linus@nordberg.se Date: Thu Feb 20 16:44:21 2014 +0000
Typos. --- proposals/220-ecc-id-keys.txt | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/proposals/220-ecc-id-keys.txt b/proposals/220-ecc-id-keys.txt index b14fea7..cb8cf83 100644 --- a/proposals/220-ecc-id-keys.txt +++ b/proposals/220-ecc-id-keys.txt @@ -11,8 +11,8 @@ Status: Draft
0. Introduction
- In current Tor designs, identity keys are limited to 1024-bit RSA - keys. + In current Tor designs, router identity keys are limited to + 1024-bit RSA keys.
Clearly, that should change, because RSA doesn't represent a good performance-security tradeoff nowadays, and because 1024-bit RSA is @@ -181,7 +181,7 @@ Status: Draft Current versions of Tor will handle these new formats by ignoring the new fields, and not checking any ed25519 information.
- New version of Tor will have a flag that tells them whether to check + New versions of Tor will have a flag that tells them whether to check ed25519 information. When it is set, they must check:
* All RSA information and signatures that Tor implementations @@ -199,7 +199,7 @@ Status: Draft
2.3.2. Extra-info documents
- Extrainfo documents now include "identity-ed25519" and + Extra-info documents now include "identity-ed25519" and "router-signature-ed25519" fields in the same positions in which they appear in router descriptors.
@@ -358,7 +358,7 @@ Status: Draft SIGNATURE [64 bytes] where CERT_DIGEST is a SHA256 digest of the X.509 certificate used for the TLS link, EXPIRATION_DATE is a date in *days* since the epoch - starting on which the certificate is invalid, and SIGNATURE is + on which the certificate is invalid, and SIGNATURE is a signature using the signing key of the above two fields, prefixed with "Tor TLS link certificate check v1".
@@ -488,7 +488,7 @@ Status: Draft
7. Hidden service changes out of scope
- Hidden services need to be able to identity nodes by ECC keys, just as + Hidden services need to be able to identify nodes by ECC keys, just as they will need to include ntor keys as well as TAP keys. Not just yet though. This needs to be part of a bigger hidden service revamping strategy.