[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
From: "Sebastian G. <bastik.tor>" <bastik.tor@xxxxxxxxxxxxxx>
Date: Tue, 13 Aug 2013 20:19:06 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 13 Aug 2013 14:19:22 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=YG9sNoS2WxlAzLDA7KYMw0D+wA0kKDTmnZ5V3AMxQh0=; b=ygyRIiqs+JVIYzoziCkFKn3Xe3GNMrypL+Eua4Ypc+n3CM3IlsvbdUPVs+AIQ8D9Wo 559+XEHDd2yt2wOtHEX2wOCNiMBKMoikqT4zaDWRlO2Ik0IJ1rMrUanN1zrsbr0R8r1M wqXxSV4WOXNZOIqp8Faw4IMbfMd3srwXqiQ09xfQvPWmCPj2PJU/5Ip6UvCxh+B+X0p3 H2J58HuXQ5EX04Qr9v1QUhRQMZLbihKS8N1ISRTiFGadltHTE3irw31yhiFAhJZzjZjL l1RUAJia4nyKV6/g3fMR6e+lXxkwbKeZ3S9J9AXRqYf6nrQN49cggW+NPJZU/Uj+u9q4 IFdg==
In-reply-to: <CAKDKvuzYUFMQFQJ=wn45oTVfPfw-0Ak8T95eh7SN6vWnf6Xhyg@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CAKDKvuzYUFMQFQJ=wn45oTVfPfw-0Ak8T95eh7SN6vWnf6Xhyg@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7

13.08.2013, Nick Mathewson:
> 2.3.1. Checking descriptor signatures.
> 
>    Current versions of Tor will handle these new formats by ignoring the
>    new fields, and not checking any ed25519 information.
> 
>    New version of Tor will have a flag that tells them whether to check
>    ed25519 information.  When it is set, they must check:
> 
>       * All RSA information and signatures that Tor implementations
>         currently check.
>       * If the identity-ed25519 line is present, it must be well-formed,
>         and the certificate must be well-formed and correctly signed,
>         and there must be a valid.

Hi,

I'm not getting the last part of this paragraph.

"... and there must be a valid." signature, something?

(I'm not done with reading it, but before I forget to mention it)

Regards,
Sebastian G.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
  - From: Nick Mathewson

Prev by Author: Re: [tor-dev] Global semi-passive adversary: suggestion of using expanders
Next by Author: Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
Previous by thread: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
Next by thread: Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
Index(es):
- Author
- Thread