[tor-dev] New Proposal - CAA Extensions for the Tor Rendezvous Specification

Q Misell q at as207960.net
Thu Apr 27 12:56:20 UTC 2023 

Yes, signed is what I meant. I will update the document.
------------------------------

Any statements contained in this email are personal to the author and are
not necessarily the statements of the company unless specifically stated.
AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace,
Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company
registered in Wales under № 12417574
<https://find-and-update.company-information.service.gov.uk/company/12417574>.
ICO register №: ZA782876 <https://ico.org.uk/ESDWebPages/Entry/ZA782876>.
UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524.
South Korean VAT №: 522-80-03080. Glauca Digital and the Glauca logo are
registered trademarks in the UK, under № UK00003718474 and № UK00003718468,
respectively.

On Thu, 27 Apr 2023 at 13:54, Ian Goldberg <iang at uwaterloo.ca> wrote:

> On Tue, Apr 25, 2023 at 01:02:28PM +0100, Q Misell via tor-dev wrote:
> > Security Considerations:
> >   The second layer descriptor is encrypted and MACed in a way that only
> a party
> >   with access to the secret key of the hidden service could manipulate
> what is
> >   published there. Therefore, Tor CAA records have at least the same
> security as
> >   those in the DNS secured by DNSSEC.
>
> Did you mean "signed"? If it's just encrypted and MACed, then anyone who
> can decrypt and check the MAC can also alter the contents, of course.
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://e.as207960.net/w4bdyj/Clnj1LKF
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20230427/886cb55f/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4640 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20230427/886cb55f/attachment-0001.bin>

More information about the tor-dev mailing list