[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[minion-cvs] Added a roger-inspired question and a proposal for link...

To: mixminion-cvs@freehaven.net
Subject: [minion-cvs] Added a roger-inspired question and a proposal for link...
From: nickm@seul.org (Nick Mathewson)
Date: Mon, 1 Jul 2002 19:51:00 -0400 (EDT)
Delivered-To: archiver@seul.org
Delivered-To: mixminion-cvs-outgoing@seul.org
Delivered-To: mixminion-cvs@seul.org
Delivery-Date: Mon, 01 Jul 2002 19:51:00 -0400
Reply-To: mixminion-cvs@freehaven.net
Sender: owner-mixminion-cvs@freehaven.net

Update of /home/minion/cvsroot/doc
In directory moria.seul.org:/tmp/cvs-serv2052

Modified Files:
	minion-spec.tex 
Log Message:
Added a roger-inspired question and a proposal for link padding

Index: minion-spec.tex
===================================================================
RCS file: /home/minion/cvsroot/doc/minion-spec.tex,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -d -r1.38 -r1.39
--- minion-spec.tex	1 Jul 2002 13:24:05 -0000	1.38
+++ minion-spec.tex	1 Jul 2002 23:50:57 -0000	1.39
@@ -718,6 +718,21 @@
 * A sends "SEND", NL, M, H(M,"SEND") (5 + 32k + 20 bytes)
 * B sends "RECEIVED", NL, H(M,"RECEIVED") (9 + 20 bytes)
 
+[XXXX Roger was wondering: what is the purpose of the RECEIVED ack? If
+   the server goes away without warning, SSL will tell us. -NM]
+
+[XXXX proposal to allow link-level padding:
+
+  If the hash sent from A to B is incorrect, B instead sends
+          "BAD SHA1", NL, H(M,"BAD SHA1"), (9+20 bytes).
+
+  (We provide this option in order to support link-level padding.  If
+  B did not send a hash of the incorrect message, a passive adversary
+  could mount a timing against the protocol.  If the "BAD SHA1"
+  message were not the same length as the RECEIVED message, an
+  adversary might be able to distinguish padding from messages by the
+  differing lengths of the reply messages. -NM]
+
 * A sends an TLS handshake renegotiation message.
   (and MUST not reuse the same key for 
    transfering another message)
@@ -838,7 +853,7 @@
      'Comments': Human-readable information about this server.  Must
          be <1024 bytes long.  It *must not* be necessary to read this
          information to use the server properly.
-     'Packet-key': A BASE64-encoded modulus used to encode subheaders
+     'Packet-Key': A BASE64-encoded modulus used to encode subheaders
          intended for this server.
 
 The digest of a descriptor block is computed by replacing all digest
@@ -864,7 +879,7 @@
 and any number of entries of the form:
 
       'Allow': Address
-      'Deny': IP
+      'Deny': Address
 
 The patterns are of the form:

Prev by Date: [minion-cvs] Many documentation/code cleanups, as suggested by Roger.
Next by Date: [minion-cvs] minor patches, addressing some of nick"s points
Prev by thread: [minion-cvs] Many documentation/code cleanups, as suggested by Roger.
Next by thread: [minion-cvs] minor patches, addressing some of nick"s points
Index(es):
- Date
- Thread