[tor-commits] [metrics-web/master] Add changes section to bridge descriptors specification.

karsten at torproject.org karsten at torproject.org
Mon Sep 18 12:26:22 UTC 2017 

commit 30b882f68f2a4ee1d7147e6bbae6a9b4eefd7322
Author: Karsten Loesing <karsten.loesing at gmx.net>
Date:   Mon Sep 18 14:25:39 2017 +0200

    Add changes section to bridge descriptors specification.
    
    Fixes #23391.
---
 .../src/main/resources/spec/bridge-descriptors.xml |  29 ++
 .../resources/web/WEB-INF/bridge-descriptors.jsp   | 339 ++++++++++++---------
 2 files changed, 216 insertions(+), 152 deletions(-)

diff --git a/website/src/main/resources/spec/bridge-descriptors.xml b/website/src/main/resources/spec/bridge-descriptors.xml
index f30056f..5af58b9 100644
--- a/website/src/main/resources/spec/bridge-descriptors.xml
+++ b/website/src/main/resources/spec/bridge-descriptors.xml
@@ -39,6 +39,35 @@
       document meta-format</eref> of the Tor directory protocol, version 3
       is used.</t>
     </section>
+    <section title="Changes">
+      <t>Sanitization has changed several times over the years.
+      The following list contains all major changes that resulted in raising the
+      "@type" annotation of a descriptor:
+        <list>
+          <t>May 30, 2012: "@type" annotations were first added to sanitized
+          descriptors to indicate descriptor type and version: "@type
+          bridge-server-descriptor 1.0", "@type bridge-extra-info 1.0", and
+          "@type bridge-network-status 1.0".</t>
+          <t>June 29, 2012: "@type bridge-extra-info 1.1" added sanitized
+          "transport" lines.</t>
+          <t>February 1, 2013: "@type bridge-extra-info 1.2" was supposed to
+          indicate added "ntor-onion-key" lines, but those changes only affected
+          bridge server descriptors, not extra-info descriptors. So, nothing has
+          changed as compared to "@type bridge-extra-info 1.1", and there may be
+          "@type bridge-server-descriptor 1.0" descriptors with and without
+          those lines.</t>
+          <t>June 19, 2015: "@type bridge-server-descriptor 1.1" and "@type
+          bridge-extra-info 1.3" added "master-key-ed25519" and
+          "router-digest-sha256" lines to descriptors published by bridges using
+          an ed25519 master key.</t>
+          <t>September 18, 2016: "@type bridge-server-descriptor 1.2" and "@type
+          bridge-network-status 1.1" introduced sanitized TCP ports.</t>
+          <t>July 10, 2017: "@type bridge-network-status 1.2" introduced the
+          "fingerprint" line, containing the fingerprint of the bridge authority
+          which produced the document, to the header. </t>
+        </list>
+      </t>
+    </section>
     <section title="Sanitizing potentially sensitive descriptor items">
       <t>The following sanitizing steps are applied to original, non-sanitized
       bridge descriptors.</t>
diff --git a/website/src/main/resources/web/WEB-INF/bridge-descriptors.jsp b/website/src/main/resources/web/WEB-INF/bridge-descriptors.jsp
index db7aaa2..8e482bd 100644
--- a/website/src/main/resources/web/WEB-INF/bridge-descriptors.jsp
+++ b/website/src/main/resources/web/WEB-INF/bridge-descriptors.jsp
@@ -45,20 +45,55 @@ used.</p>
 </section>
 </div> <!-- container -->
 <div class="container">
-<section id="n-sanitizing-potentially-sensitive-descriptor-items">
+<section id="n-changes">
 <h2 id="rfc.section.2"><a href=
-"#rfc.section.2">2.</a> <a href="#n-sanitizing-potentially-sensitive-descriptor-items">Sanitizing
-potentially sensitive descriptor items</a></h2>
+"#rfc.section.2">2.</a> <a href="#n-changes">Changes</a></h2>
 <div id="rfc.section.2.p.1">
+<p>Sanitization has changed several times over the years. The
+following list contains all major changes that resulted in raising
+the "@type" annotation of a descriptor:</p>
+<ul class="empty">
+<li>May 30, 2012: "@type" annotations were first added to sanitized
+descriptors to indicate descriptor type and version: "@type
+bridge-server-descriptor 1.0", "@type bridge-extra-info 1.0", and
+"@type bridge-network-status 1.0".</li>
+<li>June 29, 2012: "@type bridge-extra-info 1.1" added sanitized
+"transport" lines.</li>
+<li>February 1, 2013: "@type bridge-extra-info 1.2" was supposed to
+indicate added "ntor-onion-key" lines, but those changes only
+affected bridge server descriptors, not extra-info descriptors. So,
+nothing has changed as compared to "@type bridge-extra-info 1.1",
+and there may be "@type bridge-server-descriptor 1.0" descriptors
+with and without those lines.</li>
+<li>June 19, 2015: "@type bridge-server-descriptor 1.1" and "@type
+bridge-extra-info 1.3" added "master-key-ed25519" and
+"router-digest-sha256" lines to descriptors published by bridges
+using an ed25519 master key.</li>
+<li>September 18, 2016: "@type bridge-server-descriptor 1.2" and
+"@type bridge-network-status 1.1" introduced sanitized TCP
+ports.</li>
+<li>July 10, 2017: "@type bridge-network-status 1.2" introduced the
+"fingerprint" line, containing the fingerprint of the bridge
+authority which produced the document, to the header.</li>
+</ul>
+</div>
+</section>
+</div> <!-- container -->
+<div class="container">
+<section id="n-sanitizing-potentially-sensitive-descriptor-items">
+<h2 id="rfc.section.3"><a href=
+"#rfc.section.3">3.</a> <a href="#n-sanitizing-potentially-sensitive-descriptor-items">Sanitizing
+potentially sensitive descriptor items</a></h2>
+<div id="rfc.section.3.p.1">
 <p>The following sanitizing steps are applied to original,
 non-sanitized bridge descriptors.</p>
 </div>
 <div class="container">
 <section id="type-annotation">
-<h3 id="rfc.section.2.1"><a href=
-"#rfc.section.2.1">2.1.</a> <a href="#type-annotation">Prefix
+<h3 id="rfc.section.3.1"><a href=
+"#rfc.section.3.1">3.1.</a> <a href="#type-annotation">Prefix
 with @type annotation</a></h3>
-<div id="rfc.section.2.1.p.1">
+<div id="rfc.section.3.1.p.1">
 <p>"@type" SP DescriptorType SP Version</p>
 <ul class="empty">
 <li>DescriptorType is a fixed string that identifies the sanitized
@@ -74,10 +109,10 @@ for backward-compatible changes.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="fingerprint">
-<h3 id="rfc.section.2.2"><a href=
-"#rfc.section.2.2">2.2.</a> <a href="#fingerprint">Replace RSA
+<h3 id="rfc.section.3.2"><a href=
+"#rfc.section.3.2">3.2.</a> <a href="#fingerprint">Replace RSA
 fingerprints</a></h3>
-<div id="rfc.section.2.2.p.1">
+<div id="rfc.section.3.2.p.1">
 <p>HashedFingerprint = SHA1(Fingerprint)</p>
 <ul class="empty">
 <li>Fingerprint is the decoded binary representation of the SHA-1
@@ -98,17 +133,17 @@ to replace the Fingerprint with its SHA-1 hash.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="master-key-ed25519">
-<h3 id="rfc.section.2.3"><a href=
-"#rfc.section.2.3">2.3.</a> <a href=
+<h3 id="rfc.section.3.3"><a href=
+"#rfc.section.3.3">3.3.</a> <a href=
 "#master-key-ed25519">Replace ed25519 master keys</a></h3>
-<div id="rfc.section.2.3.p.1">
+<div id="rfc.section.3.3.p.1">
 <p>HashedMasterKeyEd25519 = SHA256(MasterKeyEd25519)</p>
 <ul class="empty">
 <li>MasterKeyEd25519 is the decoded binary representation of an
 ed25519 master key.</li>
 <li>Similar to (non-sanitized) RSA fingerprints (<a href=
 "#fingerprint" title=
-"Replace RSA fingerprints">Section 2.2</a>), ed25519 master
+"Replace RSA fingerprints">Section 3.2</a>), ed25519 master
 keys could be used to uniquely identify bridges and to request a
 current descriptor from the bridge authority. That is why they are
 replaced with their SHA-256 hashes. In cases where a descriptor
@@ -121,10 +156,10 @@ before sanitizing it.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="crypto">
-<h3 id="rfc.section.2.4"><a href=
-"#rfc.section.2.4">2.4.</a> <a href="#crypto">Remove public
+<h3 id="rfc.section.3.4"><a href=
+"#rfc.section.3.4">3.4.</a> <a href="#crypto">Remove public
 keys, certificates, and signatures</a></h3>
-<div id="rfc.section.2.4.p.1">
+<div id="rfc.section.3.4.p.1">
 <p>[Removed.]</p>
 <ul class="empty">
 <li>Some of the public keys and certificates could be used to
@@ -139,13 +174,13 @@ sanitizing process.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="ipv4-address">
-<h3 id="rfc.section.2.5"><a href=
-"#rfc.section.2.5">2.5.</a> <a href="#ipv4-address">Replace
+<h3 id="rfc.section.3.5"><a href=
+"#rfc.section.3.5">3.5.</a> <a href="#ipv4-address">Replace
 IPv4 addresses</a></h3>
-<div id="rfc.section.2.5.p.1">
+<div id="rfc.section.3.5.p.1">
 <p>SanitizedIpv4Address = "10." | KeyedHash</p>
 </div>
-<div id="rfc.section.2.5.p.2">
+<div id="rfc.section.3.5.p.2">
 <p>KeyedHash = SHA256(Ipv4Address | Fingerprint | Secret)[:3]</p>
 <ul class="empty">
 <li>Address is the 4-byte long binary representation of the
@@ -170,13 +205,13 @@ month.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="ipv6-address">
-<h3 id="rfc.section.2.6"><a href=
-"#rfc.section.2.6">2.6.</a> <a href="#ipv6-address">Replace
+<h3 id="rfc.section.3.6"><a href=
+"#rfc.section.3.6">3.6.</a> <a href="#ipv6-address">Replace
 IPv6 addresses</a></h3>
-<div id="rfc.section.2.6.p.1">
+<div id="rfc.section.3.6.p.1">
 <p>SanitizedIpv6Address = "[fd9f:2e19:3bcf::" | KeyedHash | "]"</p>
 </div>
-<div id="rfc.section.2.6.p.2">
+<div id="rfc.section.3.6.p.2">
 <p>KeyedHash = SHA256(Ipv6Address | Fingerprint | Secret)[:3]</p>
 <ul class="empty">
 <li>Address is the 16-byte long binary representation of the
@@ -190,7 +225,7 @@ month.</li>
 the result and encodes it as two lower-case hexadecimal numbers, a
 colon, and another four lower-case hexadecimal numbers.</li>
 <li>Similar to IPv4 addresses (<a href="#ipv4-address" title=
-"Replace IPv4 addresses">Section 2.5</a>), IPv6 addresses are
+"Replace IPv4 addresses">Section 3.5</a>), IPv6 addresses are
 replaced with syntactical valid addresses in the address range
 [fd9f:2e19:3bcf::/116] based on a keyed hash function that produces
 the same sanitized address for a given bridge, IPv6 address, and
@@ -201,13 +236,13 @@ month.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="tcp-port">
-<h3 id="rfc.section.2.7"><a href=
-"#rfc.section.2.7">2.7.</a> <a href="#tcp-port">Replace TCP
+<h3 id="rfc.section.3.7"><a href=
+"#rfc.section.3.7">3.7.</a> <a href="#tcp-port">Replace TCP
 ports</a></h3>
-<div id="rfc.section.2.7.p.1">
+<div id="rfc.section.3.7.p.1">
 <p>SanitizedPort = KeyedHash / 2^2 + 2^15 + 2^14</p>
 </div>
-<div id="rfc.section.2.7.p.2">
+<div id="rfc.section.3.7.p.2">
 <p>KeyedHash = SHA256(Port | Fingerprint | Secret)[:2]</p>
 <ul class="empty">
 <li>Port is the 2-byte long binary representation of the TCP
@@ -234,10 +269,10 @@ sanitized port for a given bridge, TCP port, and month.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="contact">
-<h3 id="rfc.section.2.8"><a href=
-"#rfc.section.2.8">2.8.</a> <a href="#contact">Remove contact
+<h3 id="rfc.section.3.8"><a href=
+"#rfc.section.3.8">3.8.</a> <a href="#contact">Remove contact
 information</a></h3>
-<div id="rfc.section.2.8.p.1">
+<div id="rfc.section.3.8.p.1">
 <p>SanitizedContact = "somebody"</p>
 <ul class="empty">
 <li>If there is contact information in a descriptor, it is replaced
@@ -250,10 +285,10 @@ towards retaining the original contact information.)</li>
 </div> <!-- container -->
 <div class="container">
 <section id="transport">
-<h3 id="rfc.section.2.9"><a href=
-"#rfc.section.2.9">2.9.</a> <a href="#transport">Remove
+<h3 id="rfc.section.3.9"><a href=
+"#rfc.section.3.9">3.9.</a> <a href="#transport">Remove
 extraneous transport information</a></h3>
-<div id="rfc.section.2.9.p.1">
+<div id="rfc.section.3.9.p.1">
 <p>[Removed.]</p>
 <ul class="empty">
 <li>Bridges may provide transports in addition to the OR protocol
@@ -267,14 +302,14 @@ transport names.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="replaced-digest">
-<h3 id="rfc.section.2.10"><a href=
-"#rfc.section.2.10">2.10.</a> <a href=
+<h3 id="rfc.section.3.10"><a href=
+"#rfc.section.3.10">3.10.</a> <a href=
 "#replaced-digest">Replace digests in referencing
 descriptors</a></h3>
-<div id="rfc.section.2.10.p.1">
+<div id="rfc.section.3.10.p.1">
 <p>SanitizedSha1Digest = SHA1(Sha1Digest)</p>
 </div>
-<div id="rfc.section.2.10.p.2">
+<div id="rfc.section.3.10.p.2">
 <p>SanitizedSha256Digest = SHA256(Sha256Digest)</p>
 <ul class="empty">
 <li>Sha1Digest is the 20-byte long binary representation of a
@@ -290,7 +325,7 @@ the base64-encoded SHA-256 hash of the original digest, depending
 on which hash algorithm was used to generate the original digest.
 The resulting digest string in a referencing descriptor can then be
 matched to an appended digest (<a href="#appended-digest" title=
-"Append digests to referenced descriptors">Section 2.11</a>)
+"Append digests to referenced descriptors">Section 3.11</a>)
 in a referenced descriptor.</li>
 </ul>
 </div>
@@ -298,14 +333,14 @@ in a referenced descriptor.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="appended-digest">
-<h3 id="rfc.section.2.11"><a href=
-"#rfc.section.2.11">2.11.</a> <a href=
+<h3 id="rfc.section.3.11"><a href=
+"#rfc.section.3.11">3.11.</a> <a href=
 "#appended-digest">Append digests to referenced
 descriptors</a></h3>
-<div id="rfc.section.2.11.p.1">
+<div id="rfc.section.3.11.p.1">
 <p>SanitizedSha1Digest = SHA1(Sha1Digest)</p>
 </div>
-<div id="rfc.section.2.11.p.2">
+<div id="rfc.section.3.11.p.2">
 <p>SanitizedSha256Digest = SHA256(Sha256Digest)</p>
 <ul class="empty">
 <li>Sha1Digest is the 20-byte long binary representation of a
@@ -313,7 +348,7 @@ descriptor's SHA-1 digest.</li>
 <li>Sha256Digest is the 32-byte long binary representation of a
 descriptor's SHA-256 digest.</li>
 <li>As stated above (<a href="#replaced-digest" title=
-"Replace digests in referencing descriptors">Section 2.10</a>),
+"Replace digests in referencing descriptors">Section 3.10</a>),
 some descriptors are referenced by others by their digest. But in
 contrast to non-sanitized descriptors, it's neither possible to
 compute the digest of a sanitized descriptor nor is it desirable to
@@ -326,7 +361,7 @@ original digest, depending on which hash algorithm would have been
 used to generate the original digest. The resulting digest string
 can then be matched to a sanitized digest (<a href=
 "#replaced-digest" title=
-"Replace digests in referencing descriptors">Section 2.10</a>)
+"Replace digests in referencing descriptors">Section 3.10</a>)
 in a referencing descriptor.</li>
 </ul>
 </div>
@@ -336,10 +371,10 @@ in a referencing descriptor.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="n-server-descriptor-document-format">
-<h2 id="rfc.section.3"><a href=
-"#rfc.section.3">3.</a> <a href="#n-server-descriptor-document-format">Server
+<h2 id="rfc.section.4"><a href=
+"#rfc.section.4">4.</a> <a href="#n-server-descriptor-document-format">Server
 descriptor document format</a></h2>
-<div id="rfc.section.3.p.1">
+<div id="rfc.section.4.p.1">
 <p>The document format of sanitized bridge server descriptors
 resembles the document format of (non-sanitized) server descriptors
 as much as possible. Also refer to the <a href=
@@ -350,21 +385,21 @@ counterparts.</p>
 </div>
 <div class="container">
 <section id="n-annotations_1">
-<h3 id="rfc.section.3.1"><a href=
-"#rfc.section.3.1">3.1.</a> <a href=
+<h3 id="rfc.section.4.1"><a href=
+"#rfc.section.4.1">4.1.</a> <a href=
 "#n-annotations_1">Annotations</a></h3>
-<div id="rfc.section.3.1.p.1">
+<div id="rfc.section.4.1.p.1">
 <p>The bridge authority may prefix descriptors with one or more
 annotation lines containing metadata, and the sanitizer may add
 annotation lines with metadata about the sanitizing process.</p>
 </div>
-<div id="rfc.section.3.1.p.2">
+<div id="rfc.section.4.1.p.2">
 <p>"@purpose" SP Purpose NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 </ul>
 </div>
-<div id="rfc.section.3.1.p.3">
+<div id="rfc.section.4.1.p.3">
 <p>"@type" SP "bridge-server-descriptor" SP Version</p>
 <ul class="empty">
 <li>[Exactly once.]</li>
@@ -388,14 +423,14 @@ master key.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="n-descriptor-body_1">
-<h3 id="rfc.section.3.2"><a href=
-"#rfc.section.3.2">3.2.</a> <a href=
+<h3 id="rfc.section.4.2"><a href=
+"#rfc.section.4.2">4.2.</a> <a href=
 "#n-descriptor-body_1">Descriptor body</a></h3>
-<div id="rfc.section.3.2.p.1" class="avoidbreakafter">
+<div id="rfc.section.4.2.p.1" class="avoidbreakafter">
 <p>The body of a sanitized bridge server descriptor contains
 several sanitized items as specified in the following:</p>
 </div>
-<div id="rfc.section.3.2.p.2">
+<div id="rfc.section.4.2.p.2">
 <p>"router" SP Nickname SP SanitizedAddress SP SanitizedORPort SP
 SOCKSPort SP SanitizedDirPort NL</p>
 <ul class="empty">
@@ -403,148 +438,148 @@ SOCKSPort SP SanitizedDirPort NL</p>
 <li>Nickname is the bridge's original, unchanged nickname.</li>
 <li>SanitizedAddress is the bridge's sanitized IP address (<a href=
 "#ipv4-address" title=
-"Replace IPv4 addresses">Section 2.5</a>).</li>
+"Replace IPv4 addresses">Section 3.5</a>).</li>
 <li>SanitizedORPort is the bridge's sanitized OR port (<a href=
-"#tcp-port" title="Replace TCP ports">Section 2.7</a>) (since
+"#tcp-port" title="Replace TCP ports">Section 3.7</a>) (since
 version 1.2) or the original OR port (until version 1.1).</li>
 <li>SOCKSPort is deprecated and always 0, as in the original,
 non-sanitized server descriptor.</li>
 <li>SanitizedDirPort is the bridge's sanitized directory port
 (<a href="#tcp-port" title=
-"Replace TCP ports">Section 2.7</a>) (since version 1.2) or
+"Replace TCP ports">Section 3.7</a>) (since version 1.2) or
 the original directory port (until version 1.1).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.3">
+<div id="rfc.section.4.2.p.3">
 <p>"or-address" SP SanitizedAddress ":" SanitizedPort NL</p>
 <ul class="empty">
 <li>[Any number.]</li>
 <li>SanitizedAddress is either an additional sanitized IPv4 address
 (<a href="#ipv4-address" title=
-"Replace IPv4 addresses">Section 2.5</a>) or sanitized IPv6
+"Replace IPv4 addresses">Section 3.5</a>) or sanitized IPv6
 address (<a href="#ipv6-address" title=
-"Replace IPv6 addresses">Section 2.6</a>).</li>
+"Replace IPv6 addresses">Section 3.6</a>).</li>
 <li>SanitizedPort is an additional sanitized OR port (<a href=
-"#tcp-port" title="Replace TCP ports">Section 2.7</a>) (since
+"#tcp-port" title="Replace TCP ports">Section 3.7</a>) (since
 version 1.2) or original OR port (until version 1.1).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.4">
+<div id="rfc.section.4.2.p.4">
 <p>"identity-ed25519" NL CertificateBlock NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.5">
+<div id="rfc.section.4.2.p.5">
 <p>"master-key-ed25519" SP SanitizedMasterKey NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
 <li>SanitizedMasterKey is the bridge's sanitized ed25519 master key
 (<a href="#master-key-ed25519" title=
-"Replace ed25519 master keys">Section 2.3</a>). (Introduced in
+"Replace ed25519 master keys">Section 3.3</a>). (Introduced in
 version 1.1, not present in earlier versions.)</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.6">
+<div id="rfc.section.4.2.p.6">
 <p>"fingerprint" SP SanitizedFingerprint NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
 <li>SanitizedFingerprint is the bridge's sanitized fingerprint
 (<a href="#fingerprint" title=
-"Replace RSA fingerprints">Section 2.2</a>), formatted with a
+"Replace RSA fingerprints">Section 3.2</a>), formatted with a
 single SP after every 4 characters.</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.7">
+<div id="rfc.section.4.2.p.7">
 <p>"contact" SP SanitizedContact NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
 <li>SanitizedContact is the bridge's sanitized contact information
 (<a href="#contact" title=
-"Remove contact information">Section 2.8</a>).</li>
+"Remove contact information">Section 3.8</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.8">
+<div id="rfc.section.4.2.p.8">
 <p>"reject" SP ExitPattern NL</p>
 <ul class="empty">
 <li>[Any number.]</li>
 <li>ExitPattern contains the bridge's sanitized IPv4 address
 (<a href="#ipv4-address" title=
-"Replace IPv4 addresses">Section 2.5</a>), if the original
+"Replace IPv4 addresses">Section 3.5</a>), if the original
 line contained the bridge's primary IP address, and is otherwise
 unchanged. (Note that "accept" lines are exempt from this
 sanitizing step, which doesn't really make sense and which might
 change in the future.)</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.9">
+<div id="rfc.section.4.2.p.9">
 <p>"extra-info-digest" SP SanitizedSha1Digest [SP
 SanitizedSha256Digest] NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
 <li>SanitizedSha1Digest is the sanitized SHA-1 digest (<a href=
 "#replaced-digest" title=
-"Replace digests in referencing descriptors">Section 2.10</a>)
+"Replace digests in referencing descriptors">Section 3.10</a>)
 of the corresponding extra-info descriptor.</li>
 <li>SanitizedSha256Digest is the sanitized SHA-256 digest (<a href=
 "#replaced-digest" title=
-"Replace digests in referencing descriptors">Section 2.10</a>)
+"Replace digests in referencing descriptors">Section 3.10</a>)
 of corresponding extra-info descriptor and is only included if the
 original line contained a SHA-256 digest.</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.10">
+<div id="rfc.section.4.2.p.10">
 <p>"family" (SP Name)* NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
 <li>Name is either the sanitized fingerprint (<a href=
 "#fingerprint" title=
-"Replace RSA fingerprints">Section 2.2</a>) or unchanged
+"Replace RSA fingerprints">Section 3.2</a>) or unchanged
 nickname of another relay or bridge that is purportedly in the same
 family as this bridge.</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.11">
+<div id="rfc.section.4.2.p.11">
 <p>"onion-key" NL PublicKeyBlock NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>The bridge's medium-term RSA key is removed together with most
 other public keys, certificates, and signatures (<a href="#crypto"
 title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.12">
+<div id="rfc.section.4.2.p.12">
 <p>"signing-key" NL PublicKeyBlock NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>The bridge's long-term RSA key is removed together with most
 other public keys, certificates, and signatures (<a href="#crypto"
 title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.13">
+<div id="rfc.section.4.2.p.13">
 <p>"onion-key-crosscert" NL SignatureBlock NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>This cross signature created with the onion-key is removed
 together with most other public keys, certificates, and signatures
 (<a href="#crypto" title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.14">
+<div id="rfc.section.4.2.p.14">
 <p>"ntor-onion-key-crosscert" SP PublicKey NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>This cross signature created with the ntor-onion-key is removed
 together with most other public keys, certificates, and signatures
 (<a href="#crypto" title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.15">
+<div id="rfc.section.4.2.p.15">
 <p>"ntor-onion-key" SP NtorOnionKey NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
@@ -559,43 +594,43 @@ result, there are sanitized bridge server descriptors with version
 this line</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.16">
+<div id="rfc.section.4.2.p.16">
 <p>"router-sig-ed25519" SP Signature NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>The ed25519 signature is removed together with most other
 public keys, certificates, and signatures (<a href="#crypto" title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.17">
+<div id="rfc.section.4.2.p.17">
 <p>"router-signature" NL SignatureBlock NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>The RSA signature is removed together with most other public
 keys, certificates, and signatures (<a href="#crypto" title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.18">
+<div id="rfc.section.4.2.p.18">
 <p>"router-digest-sha256" SP SanitizedSha256Digest NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
 <li>SanitizedSha256Digest is the sanitized SHA-256 digest (<a href=
 "#appended-digest" title=
-"Append digests to referenced descriptors">Section 2.11</a>)
+"Append digests to referenced descriptors">Section 3.11</a>)
 of this descriptor and is only included if the original descriptor
 contained an ed25519 signature of the descriptor's SHA-256 digest.
 (Introduced in version 1.1, not present in earlier versions.)</li>
 </ul>
 </div>
-<div id="rfc.section.3.2.p.19">
+<div id="rfc.section.4.2.p.19">
 <p>"router-digest" SP SanitizedSha1Digest NL</p>
 <ul class="empty">
 <li>[At end, exactly once.]</li>
 <li>SanitizedSha1Digest is the sanitized SHA-1 digest (<a href=
 "#appended-digest" title=
-"Append digests to referenced descriptors">Section 2.11</a>)
+"Append digests to referenced descriptors">Section 3.11</a>)
 of this descriptor.</li>
 </ul>
 </div>
@@ -605,10 +640,10 @@ of this descriptor.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="n-extra-info-descriptor-document-format">
-<h2 id="rfc.section.4"><a href=
-"#rfc.section.4">4.</a> <a href="#n-extra-info-descriptor-document-format">Extra-info
+<h2 id="rfc.section.5"><a href=
+"#rfc.section.5">5.</a> <a href="#n-extra-info-descriptor-document-format">Extra-info
 descriptor document format</a></h2>
-<div id="rfc.section.4.p.1">
+<div id="rfc.section.5.p.1">
 <p>The document format of sanitized extra-info descriptors follows
 the same approach as sanitized server descriptors by changing as
 few items as possible in their original, non-sanitized counterpart.
@@ -619,10 +654,10 @@ specification are listed below.</p>
 </div>
 <div class="container">
 <section id="n-annotations_2">
-<h3 id="rfc.section.4.1"><a href=
-"#rfc.section.4.1">4.1.</a> <a href=
+<h3 id="rfc.section.5.1"><a href=
+"#rfc.section.5.1">5.1.</a> <a href=
 "#n-annotations_2">Annotations</a></h3>
-<div id="rfc.section.4.1.p.1">
+<div id="rfc.section.5.1.p.1">
 <p>"@type" SP "bridge-extra-info" SP Version</p>
 <ul class="empty">
 <li>[Exactly once.]</li>
@@ -645,24 +680,24 @@ ed25519 master key.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="n-descriptor-body_2">
-<h3 id="rfc.section.4.2"><a href=
-"#rfc.section.4.2">4.2.</a> <a href=
+<h3 id="rfc.section.5.2"><a href=
+"#rfc.section.5.2">5.2.</a> <a href=
 "#n-descriptor-body_2">Descriptor body</a></h3>
-<div id="rfc.section.4.2.p.1" class="avoidbreakafter">
+<div id="rfc.section.5.2.p.1" class="avoidbreakafter">
 <p>Several items in the extra-info descriptor body are changed or
 removed as compared to original, non-sanitized descriptors:</p>
 </div>
-<div id="rfc.section.4.2.p.2">
+<div id="rfc.section.5.2.p.2">
 <p>"extra-info" SP Nickname SP SanitizedFingerprint NL</p>
 <ul class="empty">
 <li>[At start, exactly once.]</li>
 <li>Nickname is the bridge's original, unchanged nickname.</li>
 <li>SanitizedFingerprint is the bridge's sanitized fingerprint
 (<a href="#fingerprint" title=
-"Replace RSA fingerprints">Section 2.2</a>).</li>
+"Replace RSA fingerprints">Section 3.2</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.4.2.p.3">
+<div id="rfc.section.5.2.p.3">
 <p>"transport" SP TransportName NL</p>
 <ul class="empty">
 <li>[Any number.]</li>
@@ -670,79 +705,79 @@ removed as compared to original, non-sanitized descriptors:</p>
 line.</li>
 <li>Any further details about this transport (<a href="#transport"
 title=
-"Remove extraneous transport information">Section 2.9</a>),
+"Remove extraneous transport information">Section 3.9</a>),
 including any IP addresses, TCP ports, or additional arguments are
 removed, only leaving in the supported transport names. (Introduced
 in version 1.1, not present in earlier versions.)</li>
 </ul>
 </div>
-<div id="rfc.section.4.2.p.4">
+<div id="rfc.section.5.2.p.4">
 <p>"transport-info SP TransportInfo NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>Any lines containing extraneous transport information (<a href=
 "#transport" title=
-"Remove extraneous transport information">Section 2.9</a>) are
+"Remove extraneous transport information">Section 3.9</a>) are
 removed. (Note that these lines are not even specified for
 original, non-sanitized descriptors.)</li>
 </ul>
 </div>
-<div id="rfc.section.4.2.p.5">
+<div id="rfc.section.5.2.p.5">
 <p>"identity-ed25519" NL CertificateBlock NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>The RSA signature is removed together with most other public
 keys, certificates, and signatures (<a href="#crypto" title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.4.2.p.6">
+<div id="rfc.section.5.2.p.6">
 <p>"master-key-ed25519" SP SanitizedMasterKey NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
 <li>SanitizedMasterKey is the bridge's sanitized ed25519 master key
 (<a href="#master-key-ed25519" title=
-"Replace ed25519 master keys">Section 2.3</a>). (Introduced in
+"Replace ed25519 master keys">Section 3.3</a>). (Introduced in
 version 1.3, not present in earlier versions.)</li>
 </ul>
 </div>
-<div id="rfc.section.4.2.p.7">
+<div id="rfc.section.5.2.p.7">
 <p>"router-sig-ed25519" SP Signature NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>The ed25519 signature is removed together with most other
 public keys, certificates, and signatures (<a href="#crypto" title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.4.2.p.8">
+<div id="rfc.section.5.2.p.8">
 <p>"router-signature" NL SignatureBlock NL</p>
 <ul class="empty">
 <li>[Removed.]</li>
 <li>The RSA signature is removed together with most other public
 keys, certificates, and signatures (<a href="#crypto" title=
-"Remove public keys, certificates, and signatures">Section 2.4</a>).</li>
+"Remove public keys, certificates, and signatures">Section 3.4</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.4.2.p.9">
+<div id="rfc.section.5.2.p.9">
 <p>"router-digest-sha256" SP SanitizedSha256Digest NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
 <li>SanitizedSha256Digest is the sanitized SHA-256 digest (<a href=
 "#appended-digest" title=
-"Append digests to referenced descriptors">Section 2.11</a>)
+"Append digests to referenced descriptors">Section 3.11</a>)
 of this descriptor and is only included if the original descriptor
 contained an ed25519 signature of the descriptor's SHA-256 digest.
 (Introduced in version 1.3, not present in earlier versions.)</li>
 </ul>
 </div>
-<div id="rfc.section.4.2.p.10">
+<div id="rfc.section.5.2.p.10">
 <p>"router-digest" SP SanitizedSha1Digest NL</p>
 <ul class="empty">
 <li>[At end, exactly once.]</li>
 <li>SanitizedSha1Digest is the sanitized SHA-1 digest (<a href=
 "#appended-digest" title=
-"Append digests to referenced descriptors">Section 2.11</a>)
+"Append digests to referenced descriptors">Section 3.11</a>)
 of this descriptor.</li>
 </ul>
 </div>
@@ -752,10 +787,10 @@ of this descriptor.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="n-network-status-document-format">
-<h2 id="rfc.section.5"><a href=
-"#rfc.section.5">5.</a> <a href="#n-network-status-document-format">Network
+<h2 id="rfc.section.6"><a href=
+"#rfc.section.6">6.</a> <a href="#n-network-status-document-format">Network
 status document format</a></h2>
-<div id="rfc.section.5.p.1">
+<div id="rfc.section.6.p.1">
 <p>The document format of bridge network statuses is loosely based
 on the network status format specified in the <a href=
 "https://gitweb.torproject.org/torspec.git/tree/attic/dir-spec-v2.txt">
@@ -768,14 +803,14 @@ ones that differ.</p>
 </div>
 <div class="container">
 <section id="n-annotations_3">
-<h3 id="rfc.section.5.1"><a href=
-"#rfc.section.5.1">5.1.</a> <a href=
+<h3 id="rfc.section.6.1"><a href=
+"#rfc.section.6.1">6.1.</a> <a href=
 "#n-annotations_3">Annotations</a></h3>
-<div id="rfc.section.5.1.p.1" class="avoidbreakafter">
+<div id="rfc.section.6.1.p.1" class="avoidbreakafter">
 <p>Sanitized bridge network statuses start with one or more
 annotations:</p>
 </div>
-<div id="rfc.section.5.1.p.2">
+<div id="rfc.section.6.1.p.2">
 <p>"@type" SP "bridge-network-status" SP Version NL</p>
 <ul class="empty">
 <li>[Exactly once.]</li>
@@ -794,14 +829,14 @@ the header.</li>
 </div> <!-- container -->
 <div class="container">
 <section id="n-preamble">
-<h3 id="rfc.section.5.2"><a href=
-"#rfc.section.5.2">5.2.</a> <a href=
+<h3 id="rfc.section.6.2"><a href=
+"#rfc.section.6.2">6.2.</a> <a href=
 "#n-preamble">Preamble</a></h3>
-<div id="rfc.section.5.2.p.1" class="avoidbreakafter">
+<div id="rfc.section.6.2.p.1" class="avoidbreakafter">
 <p>The preamble contains zero or more of the following items in no
 predefined order:</p>
 </div>
-<div id="rfc.section.5.2.p.2">
+<div id="rfc.section.6.2.p.2">
 <p>"published" SP Publication NL</p>
 <ul class="empty">
 <li>[Exactly once.]</li>
@@ -809,7 +844,7 @@ predefined order:</p>
 left unchanged in the sanitizing process.</li>
 </ul>
 </div>
-<div id="rfc.section.5.2.p.3">
+<div id="rfc.section.6.2.p.3">
 <p>"flag-thresholds" SP Thresholds NL</p>
 <ul class="empty">
 <li>[At most once.]</li>
@@ -821,7 +856,7 @@ first introduced in <a href=
 directory protocol, version 3</a>.</li>
 </ul>
 </div>
-<div id="rfc.section.5.2.p.4">
+<div id="rfc.section.6.2.p.4">
 <p>"fingerprint" SP Fingerprint NL;</p>
 <ul class="empty">
 <li>[At most once.]</li>
@@ -836,17 +871,17 @@ earlier versions.)</li>
 </div> <!-- container -->
 <div class="container">
 <section id="n-router-entries">
-<h3 id="rfc.section.5.3"><a href=
-"#rfc.section.5.3">5.3.</a> <a href="#n-router-entries">Router
+<h3 id="rfc.section.6.3"><a href=
+"#rfc.section.6.3">6.3.</a> <a href="#n-router-entries">Router
 entries</a></h3>
-<div id="rfc.section.5.3.p.1">
+<div id="rfc.section.6.3.p.1">
 <p>For each bridge, there is one router entry containing one or
 more items. Similar to the preamble specification, the following
 specification lists all lines known in sanitized bridge network
 statuses, including those that are left unchanged in the sanitizing
 process.</p>
 </div>
-<div id="rfc.section.5.3.p.2">
+<div id="rfc.section.6.3.p.2">
 <p>"r" SP Nickname SP SanitizedFingerprint SP SanitizedSha1Digest
 SP Publication SP SanitizedAddress SP SanitizedORPort SP
 SanitizedDirPort NL</p>
@@ -855,52 +890,52 @@ SanitizedDirPort NL</p>
 <li>Nickname is the bridge's original, unchanged nickname.</li>
 <li>SanitizedFingerprint is the bridge's sanitized fingerprint
 (<a href="#fingerprint" title=
-"Replace RSA fingerprints">Section 2.2</a>).</li>
+"Replace RSA fingerprints">Section 3.2</a>).</li>
 <li>SanitizedSha1Digest is the sanitized SHA-1 digest (<a href=
 "#replaced-digest" title=
-"Replace digests in referencing descriptors">Section 2.10</a>)
+"Replace digests in referencing descriptors">Section 3.10</a>)
 of the corresponding server descriptor.</li>
 <li>Publication is the publication time for the corresponding
 server descriptor, which is left unchanged in the sanitizing
 process.</li>
 <li>SanitizedAddress is the bridge's sanitized IP address (<a href=
 "#ipv4-address" title=
-"Replace IPv4 addresses">Section 2.5</a>).</li>
+"Replace IPv4 addresses">Section 3.5</a>).</li>
 <li>SanitizedORPort is the bridge's sanitized OR port (<a href=
-"#tcp-port" title="Replace TCP ports">Section 2.7</a>) (since
+"#tcp-port" title="Replace TCP ports">Section 3.7</a>) (since
 version 1.1) or the original OR port (until version 1.0).</li>
 <li>SanitizedDirPort is the bridge's sanitized directory port
 (<a href="#tcp-port" title=
-"Replace TCP ports">Section 2.7</a>) (since version 1.1) or
+"Replace TCP ports">Section 3.7</a>) (since version 1.1) or
 the original directory port (until version 1.0).</li>
 </ul>
 </div>
-<div id="rfc.section.5.3.p.3">
+<div id="rfc.section.6.3.p.3">
 <p>"a" SP SanitizedAddress ":" SanitizedPort NL</p>
 <ul class="empty">
 <li>[Any number.]</li>
 <li>SanitizedAddress is either an additional sanitized IPv4 address
 (<a href="#ipv4-address" title=
-"Replace IPv4 addresses">Section 2.5</a>) or sanitized IPv6
+"Replace IPv4 addresses">Section 3.5</a>) or sanitized IPv6
 address (<a href="#ipv6-address" title=
-"Replace IPv6 addresses">Section 2.6</a>).</li>
+"Replace IPv6 addresses">Section 3.6</a>).</li>
 <li>SanitizedPort is an additional sanitized OR port (<a href=
-"#tcp-port" title="Replace TCP ports">Section 2.7</a>).</li>
+"#tcp-port" title="Replace TCP ports">Section 3.7</a>).</li>
 </ul>
 </div>
-<div id="rfc.section.5.3.p.4">
+<div id="rfc.section.6.3.p.4">
 <p>"s" ... NL</p>
 <ul class="empty">
 <li>[Unchanged.]</li>
 </ul>
 </div>
-<div id="rfc.section.5.3.p.5">
+<div id="rfc.section.6.3.p.5">
 <p>"w" ... NL</p>
 <ul class="empty">
 <li>[Unchanged.]</li>
 </ul>
 </div>
-<div id="rfc.section.5.3.p.6">
+<div id="rfc.section.6.3.p.6">
 <p>"p" ... NL</p>
 <ul class="empty">
 <li>[Unchanged.]</li>

More information about the tor-commits mailing list