Hello. I gave it a quick once over and these are my thoughts.
I very much appreciate the ``Participants'' and ``In more detail: A menagerie of keys'' sections. I've had trouble in the past where I've been reading Tor specs and a new (or inconsistently named) key or actor is mentioned in passing. Likewise I appreciate that | was explicitly defined as concatenation, since in the current rend-spec it's left ambiguous.
A few times you mention ``consensus parameters''. I assume these are values that go in the params field of the consensus, although it wasn't particularly clear (for me) until I looked it up in dir-spec.
I like the ``Offline operation'' idea; that would certainly be more secure than distributing the same private key to several servers.
In the hsdir_index(node) formula what exactly is ``node_identity_digest''?
On Thu, Dec 5, 2013 at 8:31 AM, Kang td66bshwu@gmail.com wrote:
Hello. I gave it a quick once over and these are my thoughts.
I very much appreciate the ``Participants'' and ``In more detail: A menagerie of keys'' sections. I've had trouble in the past where I've been reading Tor specs and a new (or inconsistently named) key or actor is mentioned in passing. Likewise I appreciate that | was explicitly defined as concatenation, since in the current rend-spec it's left ambiguous.
Yeah; the current Tor specs do have a problem where they all kind of assume that you've read all the other specs. That's one reason I wanted to
A few times you mention ``consensus parameters''. I assume these are values that go in the params field of the consensus, although it wasn't particularly clear (for me) until I looked it up in dir-spec.
Right; I should add a reference to dir-spec at the appropriate place.
I like the ``Offline operation'' idea; that would certainly be more secure than distributing the same private key to several servers.
In the hsdir_index(node) formula what exactly is ``node_identity_digest''?
It's an identity digest as used in tor-spec: a SHA1 digest of the node's RSA identity key. I should add a reference there too.
(See proposal 220 for the start of migrating keys away from RSA1024 and SHA1, though in this case I don't think that matters.)
yrs,