[tor-commits] [torspec/master] prop224: Change format of enc-key cross certification

nickm at torproject.org
Wed Sep 7 00:12:45 UTC 2016


commit d0e79a351cfcadbd6ce654521d416ac04c6f9f7c
Author: David Goulet <dgoulet at torproject.org>
Date:   Wed Aug 24 13:17:28 2016 -0400

    prop224: Change format of enc-key cross certification
    
    Use a more standard format from Tor and proposal 220 instead of our own
    construction.
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 proposals/224-rend-spec-ng.txt | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt
index 9833b49..fd0f76c 100644
--- a/proposals/224-rend-spec-ng.txt
+++ b/proposals/224-rend-spec-ng.txt
@@ -1036,17 +1036,16 @@ Table of contents:
           Cross-certification of the descriptor signing key by the enc-key.
           The format of this certificate depends on the type of enc-key.
 
-          For "ntor" keys, certificate is a proposal 220 certificate in
-          "-----BEGIN ED25519 CERT-----" armor, cross-certifying the
+          For "ntor" keys, certificate is a proposal 220 certificate wrapped
+          in "-----BEGIN ED25519 CERT-----" armor, cross-certifying the
           descriptor signing key with the ed25519 equivalent of the curve25519
           public key from "enc-key" derived using the process in proposal 228
           appendix A. The certificate type must be [10], and the signing-key
           extension is mandatory.
 
-          For "legacy" keys, certificate is an RSA signature wrapped in
-          "-----BEGIN SIGNATURE-----" of the digest:
-              H("legacy introduction point encryption key" | ED25519_KEY)
-          ED25519_KEY is the 32 byte descriptor signing public key.
+          For "legacy" keys, certificate is a proposal 220 certificate wrapped
+          in "-----BEGIN CROSSCERT-----" armor, cross-certifying the
+          descriptor signing key with the legacy RSA encryption key.
 
    To remain compatible with future revisions to the descriptor format,
    clients should ignore unrecognized lines in the descriptor.
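Review bot: the rewritten "legacy" paragraph is less precise than the "ntor" paragraph it sits next to, which states the certificate type ([10]) and that the signing-key extension is mandatory; the legacy paragraph names only the armor ("-----BEGIN CROSSCERT-----") and the key pair involved. Since proposal 220 defines more than one object, the text should say which proposal 220 object is meant (the RSA-to-Ed25519 cross-certificate, which carries the Ed25519 key, an expiration date and an RSA signature, as opposed to the Ed25519 certificate used for "ntor" keys) and, as the removed lines did with "ED25519_KEY is the 32 byte descriptor signing public key", state explicitly which key the certificate's key field holds and how clients should treat the expiration. Suggested wording: "For "legacy" keys, certificate is a proposal 220 RSA->Ed25519 cross-certificate wrapped in "-----BEGIN CROSSCERT-----" armor, whose Ed25519 key field is the 32-byte descriptor signing public key, signed by the legacy RSA encryption key." Dropping the old H("legacy introduction point encryption key" | ED25519_KEY) construction also changes what existing implementations verify, so a sentence noting that the previous format is no longer accepted would help implementers reading the diff.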