Hi Nick, Ian,
I've been pointing people to "Section 6 of http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.228.6223" when they ask what NTor is. But then I realized that that's not the best (single) place to send cryptographers when I ask them to analyze whether we've designed or built it right.
Then I found https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/216-ntor-hand... which looks great,
but then I also found https://gitweb.torproject.org/torspec.git/blob/HEAD:/tor-spec.txt#l852 which looks crisper.
So the questions:
A) Which combination and order of these three resources should I point people at? That is, does the tor-spec stanza replace proposal 216 completely, or is there still some use to looking at the proposal too, or is the proposal wrong now because you fixed stuff since then but didn't change the proposal, etc.? Did I miss any good resources?
B) What are the sketchiest parts -- the parts of the design or the implementation that you most want review on, or that you think would be most fruitful for finding issues?
C) What else should I be asking you, in terms of how to get this thing reviewed the mostest and the bestest? We rolled out NTor quicker than we rolled out TAP, relatively speaking, and now it would count as breaking a widely deployed system so I bet we can get some more people evaluating it.
Thanks! --Roger