Re: [tor-dev] (Draft) Proposal 224: Next-Generation Hidden Services in Tor

On Thu, Dec 5, 2013 at 8:31 AM, Kang <td66bshwu@gmail.com> wrote:
> Hello. I gave it a quick once over and these are my thoughts.
>
> I very much appreciate the ``Participants'' and ``In more detail: A menagerie of keys'' sections. I've had trouble in the past where I've been reading Tor specs and a new (or inconsistently named) key or actor is mentioned in passing. Likewise I appreciate that | was explicitly defined as concatenation, since in the current rend-spec it's left ambiguous.

Yeah; the current Tor specs do have a problem where they all kind of assume that you've read all the other specs. That's one reason I wanted to

> A few times you mention ``consensus parameters''. I assume these are values that go in the params field of the consensus, although it wasn't particularly clear (for me) until I looked it up in dir-spec.

Right; I should add a reference to dir-spec at the appropriate place.

> I like the ``Offline operation'' idea; that would certainly be more secure than distributing the same private key to several servers.
>
> In the hsdir_index(node) formula what exactly is ``node_identity_digest''?

It's an identity digest as used in tor-spec: a SHA1 digest of the node's RSA identity key. I should add a reference there too. (See proposal 220 for the start of migrating keys away from RSA1024 and SHA1, though in this case I don't think that matters.)

yrs,
--
Nick

participants (2): Kang, Nick Mathewson