[tor-dev] sketch: An alternative prop224 authentication mechanism based on curve25519
desnacked at riseup.net
Thu Dec 1 21:17:06 UTC 2016
George Kadianakis <desnacked at riseup.net> writes:
> Nick Mathewson <nickm at torproject.org> writes:
>> [ text/plain ]
>> Hi! I thought I'd write this up while it was fresh in my mind. It
>> could be used as an alternative method to the current proposed client
>> authentication mechanism. We could implement both, or just this, or
>> just the other.
>> My description here will be a bit terser than we'd want in a proper
>> proposal, but I wanted to share it.
>> This design is based on George Kadianakis's client authentication
>> design; it won't make sense unless you've read it.
> OK people,
> I have a more mature torspec branch now for your eyes and only. Please
> see branch `prop224_client_auth_4` in my torspec repo:
> The changes are based on the feedback and discussion on this thread.
> The only real changes from `prop224_client_auth_3` is that it increases
> the max descriptor size to 50k, and it removes the username/password
> intro-level authorization.
> Please let me know of anything that seems off, or anything that can make
> the proposal more readable. Otherwise, we should merge this upstream and
> move forward with fixing the already merged prop224 HSDir code.
I merged the above patch to torspec.git.
Thanks for the feedback and helpful comments everyone!
More information about the tor-dev