[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torspec/master] 220-ecc-id-keys: fix gaps noted by Sebastian G

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [torspec/master] 220-ecc-id-keys: fix gaps noted by Sebastian G
From: nickm@xxxxxxxxxxxxxx
Date: Wed, 14 Aug 2013 01:12:09 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 13 Aug 2013 21:12:20 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit 5380544e8e30408c30c057a3f4b8157815b0a059
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Tue Aug 13 21:12:02 2013 -0400

    220-ecc-id-keys: fix gaps noted by Sebastian G
---
 proposals/220-ecc-id-keys.txt |   16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/proposals/220-ecc-id-keys.txt b/proposals/220-ecc-id-keys.txt
index 1c112b9..ebbc3b5 100644
--- a/proposals/220-ecc-id-keys.txt
+++ b/proposals/220-ecc-id-keys.txt
@@ -188,7 +188,7 @@ Status: Draft
         currently check.
       * If the identity-ed25519 line is present, it must be well-formed,
         and the certificate must be well-formed and correctly signed,
-        and there must be a valid.
+        and there must be a valid router-signature-ed25519 signature.
       * If we require an ed25519 key for this node (see 3.1 below), the
         ed25519 key must be present.
 
@@ -467,14 +467,17 @@ Status: Draft
 
    When we need to indicate an Ed25519 identity key in an hostname
    format (as in a .exit address), we use the lowercased version of the
-   name, and perform a case-insensitive match.  (This loses us one bit
-   per byte of name,
+   name, and perform a case-insensitive match.  (This loses us a little
+   less than one bit per byte of name, leaving plenty of bits to make
+   sure we choose the right node.)
 
-   Nodes must not list Ed25519 identities in their family lines; clients
-   and authorities must not honor them there.
+   Nodes must not list Ed25519 identities in their family lines; clients and
+   authorities must not honor them there.  (Doing so would make different
+   clients change paths differently in a possibly manipulatable way.)
 
    Clients shouldn't accept .exit addresses with Ed25519 names on SOCKS
-   or DNS ports by default, even when AllowDotExit is set.
+   or DNS ports by default, even when AllowDotExit is set.  We can add
+   another option for the later if there's a good reason to have this.
 
    We need an identity-to-node map for ECC identity and for RSA
    identity.
@@ -515,4 +518,3 @@ Status: Draft
    * Ed25519 support for hidden services
    * Bridge identity support.
    * Ed25519-aware family support
-   * 

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [torspec/master] Merge remote-tracking branch 'asn/bug8978'
Next by Author: [tor-commits] [tor/master] Prepare codebase for the implementation of Extended ORPort auth.
Previous by thread: [tor-commits] [torbirdy/master] Fix the TB_ID variable
Next by thread: [tor-commits] [torbrowser/master] re-add the 2.4.15-beta-2 version to recommended-versions so PT bundle users don't get an upgrade warning
Index(es):
- Author
- Thread