[minion-cvs] Directory-related changes, and zlib issue.
Update of /home/minion/cvsroot/doc
In directory moria.mit.edu:/tmp/cvs-serv4415/doc
Modified Files:
E2E-spec.txt minion-spec.tex
Log Message:
Directory-related changes, and zlib issue.
minion-spec:
* Simplify the directory format. Pseudo-XML was buying us nothing.
* Note more directory issues.
* Add more fields to directories.
* Make descriptor format more forgiving of whitespace and line endings.
* Note that descriptor is to be treated as ASCII when computing digest.
E2E-spec:
* Back off on zlib-bomb-prevention to only happen for SMTP and MBOX.
Index: E2E-spec.txt
===================================================================
RCS file: /home/minion/cvsroot/doc/E2E-spec.txt,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- E2E-spec.txt 20 Dec 2002 23:52:40 -0000 1.2
+++ E2E-spec.txt 29 Dec 2002 20:50:30 -0000 1.3
@@ -195,6 +195,10 @@
Does that sound reasonable? How about the parameters? -NM]
+[XXXX As a first compromise, I'm going to change this requirement to
+ say that this checking happens *only when* using an exit method
+ (such as SMTP) that doesn't do its own bombing-prevention. -NM]
+
BUILDING BLOCK: ERASURE CORRECTING ENCODING
We define a primitive, FRAGMENT, that breaks a K-packet message into
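Review bot: The added note at "+[XXXX As a first compromise" names only SMTP as an example, while the log message says the check applies to SMTP and MBOX. Since this sentence decides when the zlib-bomb check runs, list the exit methods it covers explicitly, and state that every other exit method is expected to do its own bombing-prevention, so an implementer cannot read the gap as "nobody checks".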
Index: minion-spec.tex
===================================================================
RCS file: /home/minion/cvsroot/doc/minion-spec.tex,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -d -r1.66 -r1.67
--- minion-spec.tex 11 Dec 2002 03:16:29 -0000 1.66
+++ minion-spec.tex 29 Dec 2002 20:50:30 -0000 1.67
@@ -650,21 +650,22 @@
of Y.
X|Y: Either an occurrence of X, or an occurence of Y.)
-Descriptor = CRLF* Section+
+Descriptor = NL Section+
Doctype = (<any printable character but '-'>)+
Section = SectionLine EntryLine*
-SectionLine = '[' Word ']' CRLF+
+SectionLine = '[' Word ']' NL+
-EntryLine = Word ':' ' ' Data CRLF+
+EntryLine = Word ':' ' ' Data NL+
Word = (<Any printable, non-space character but ':'>)+
-Data = (<any character but CR or LF>)*
+Data = (<Any printable character but NL>)*
-CRLF = CR LF
+[Note: For compatibility across different platforms, implementations must
+ accept all of CR, LF, and CR-LF style newlines.]
\section{Mixminion descriptor blocks}
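Review bot: "Descriptor = NL Section+" now requires exactly one leading newline, where the old "CRLF* Section+" allowed zero or more; that is stricter rather than more forgiving, which is what the log message intends, so "NL* Section+" looks like what was meant. NL is also used in four productions but is never defined now that "CRLF = CR LF" is removed; the bracketed note could become a production such as "NL = CR LF | CR | LF".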
@@ -710,12 +711,15 @@
'Packet-Key': The public key used to encode encode subheaders for
this server, encoded in ASN.1, represented in BASE64.
-The digest of a descriptor block is computed by removing the contents
-of the digest and signature fields, and computing the SHA-1 digest of
-the result. (That is, ``Digest: DATADATADATA...'' is replaced with
-``Digest:''.) The signed digest is the OAEP/PCKS1 signature of the
-digest with the server's identity key. This value is represented in
-BASE64.
+The digest of a descriptor block is computed by removing the contents of the
+digest and signature fields, and computing the SHA-1 digest of the resulting
+ASCII string. (That is, ``Digest: DATADATADATA...'' is replaced with
+``Digest:''.) The signed digest is the OAEP/PCKS1 signature of the digest
+with the server's identity key. This value is represented in BASE64.
+
+[Note: before computing the digest, all implementations must normalize CR and
+CR-LF style newlines to a single NL, and remove any spaces and tabs that may
+have been introduced at the ends of lines.]
If this server accepts incoming MMTP connections, it MAY have an
'Incoming/MMTP' section, with the following entries:
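Review bot: The normalization note at the end of this hunk does not say which byte the "single NL" is in the hashed string, nor whether runs of blank lines (the grammar allows NL+) and the leading newline are kept or collapsed, so two implementations can check the same descriptor against different SHA-1 inputs. Suggest writing the canonical form as an ordered list of steps, including where the Digest and Signature contents are removed. "OAEP/PCKS1" in the rewrapped lines also looks like a typo for PKCS1.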
@@ -786,25 +790,13 @@
A directory takes the following form:
-<mixminion-directory>
- <version>1.0</version>
- <identity>Base64-encoded public key, in ASN.1</identity>
- <signature>Base64-encoded OAEP/PCKS1 signature of this document, with
- the contents of this field removed.</signature>
- <server>
- (Server descriptor block)
- </server>
- <server>
- (Server descriptor block)
- </server>
- .....
-</mixminion-directory>
-
-[XXXX I think I'm going to de-XML-ize this, so that it looks like:
-
[Directory]
Version: 1.0
+ Valid-After: YYYY/MM/DD HH:MM:SS
+ Valid-Until: YYYY/MM/DD HH:MM:SS
+ [Signature]
Identity: Base64-encoded public key, in ASN.1
+ Digest: Digest of this document.
Signature: Base64-encoded OAEP/PCKS1 signature of this document, with
the contents of this field removed.
[Server]
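Review bot: "Digest: Digest of this document." does not say which fields are emptied before hashing; the Signature line says its own contents are removed, but nothing says the Digest contents are removed as well, and the document cannot contain its own digest otherwise. Suggest pointing to the descriptor digest rule (empty both Digest and Signature, normalize, then SHA-1). The Valid-After and Valid-Until lines should also state the time zone, presumably GMT as in the paragraph on when directories change.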
@@ -812,8 +804,6 @@
[Server]
(Server descriptor block)
- -NM]
-
Directory servers change their directories only at midnight GMT. Any
client which has not downloaded a directory since before midnight GMT,
must download a fresh directory before generating any packets.
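Review bot: The context paragraph after the removed "-NM]" still defines freshness only by midnight GMT and does not mention the Valid-After and Valid-Until fields this revision adds to the directory. Suggest adding a sentence on how clients use them, for example that a directory outside its validity interval is not used for generating packets.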
@@ -832,7 +822,15 @@
[XXXX Issues include: How do directory servers synchronize?
What happens when they disagree? How many servers must a client
contact before he/she has enough information? How do we catch
- dishonest directory servers? -NM
+ dishonest directory servers? -NM]
+
+[XXXX We should also specify, perhaps, how directories are to order
+ the server descriptors; what uniqueness constraints there are, and so
+ on. -NM]
+
+[XXXX Also: statistics information. Also: we should think about
+ avoiding catastrophic failure modes if directories _do_ fail or
+ change. -NM]
\section{Appendix: Pooling rule}
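Review bot: The new note on ordering and uniqueness leaves open what a client does with a directory that contains two [Server] blocks for the same server. Until that is specified, an interim rule next to the note (for example, which of the duplicates is used, or that such a directory is rejected) would keep implementations consistent.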