[torspec/master] prop224: Remove username/password intro-layer auth. - tor-commits

1 Dec 2016

commit 2b650b67e4fb0d06e1fb33cf6122ab31a5b39038
Author: George Kadianakis desnacked@riseup.net
Date:   Thu Dec 1 16:14:10 2016 -0500
prop224: Remove username/password intro-layer auth.
Authorized clients need a x25519 key to decrypt the descriptor anyway,
    so having username/password method for the intro-layer authorization is
    not very helpful, since they will need to remember the x25519 key anyway.
Perhaps in the future we can reinstate the username/password method, by
    having x25519/ed25519 keypairs be generated from the low-entropy
    username/password pair.
---
 proposals/224-rend-spec-ng.txt | 26 +++++---------------------
 1 file changed, 5 insertions(+), 21 deletions(-)

diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt
index 4f05638..0b23fc1 100644
--- a/proposals/224-rend-spec-ng.txt
+++ b/proposals/224-rend-spec-ng.txt
@@ -60,8 +60,7 @@ Table of contents:
             3.3.1. Introduction handshake encryption requirements [INTRO-HANDSHAKE-REQS]
             3.3.2. Example encryption handshake: ntor with extra data [NTOR-WITH-EXTRA-DATA]
         3.4. Authentication during the introduction phase. [INTRO-AUTH]
-            3.4.1. Password-based authentication.
-            3.4.2. Ed25519-based authentication.
+            3.4.1. Ed25519-based authentication.
     4. The rendezvous protocol
         4.1. Establishing a rendezvous point [EST_REND_POINT]
         4.2. Joining to a rendezvous point [JOIN_REND]
@@ -1733,26 +1732,11 @@ Table of contents:
3.4. Authentication during the introduction phase. [INTRO-AUTH]
-   Hidden services may restrict access only to authorized users.  One
-   mechanism to do so is the credential mechanism, where only users who
-   know the credential for a hidden service may connect at all. For more
-   fine-grained conntrol, a hidden service can be configured with
-   password-based or public-key-based authentication.
+   Hidden services may restrict access only to authorized users.
+   One mechanism to do so is the credential mechanism, where only users who
+   know the credential for a hidden service may connect at all.
-3.4.1. Password-based authentication.
-
-   To authenticate with a password, the user must include an extension
-   field in the encrypted part of the INTRODUCE1 cell with an
-   EXT_FIELD_TYPE type of [01] and the contents:
-
-     Username [00] Password.
-
-   The username may not include any [00] bytes. The password may.
-
-   On the server side, the password MUST be stored hashed and salted,
-   ideally with scrypt or something better.
-
-3.4.2. Ed25519-based authentication.
+3.4.1. Ed25519-based authentication.
To authenticate with an Ed25519 private key, the user must include an
    extension field in the encrypted part of the INTRODUCE1 cell with an

    