[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: dir-spec.txt and directory-signature entries
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: dir-spec.txt and directory-signature entries
- From: Nick Mathewson <nickm@xxxxxxxxxxxxx>
- Date: Mon, 14 Feb 2011 13:46:20 -0500
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Mon, 14 Feb 2011 13:46:27 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; bh=uwldNKmUmS1D7FsbF2DuVwTvi2vZIzEwWGW7CBKlOV8=; b=Y6zsjVuJ0Q9K7JeNLsuSN2WPO2+R0h91AUKA2EQrFbQfXPFP6MCswdfnwHUHLfH2V1 vRPz4UOcuE9ciZJSE+K7Iaa/SldygOXBV+7UPy5qC5GtgYM6nQsA6wJl5HjSqHWnga6i bwT4CpEaUzPyEL6OEbnLboWsv8r0WhDyqPkKA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=hxBtkSPpgT3hMxsS8y5VswO7UxkKylRB09JzIvCu2KoY05U40L99Of3nnaLRXWVd7Q 0SP7Q/8LAbUrFQQsdkXhFjBCEjvgxR9C9vc1MSsiRR739Y5di2FN+SMHagjuSCk5C8V2 olFQ8eNLpY//xfNcce2/jboNZGQYFerCAcu3I=
- In-reply-to: <4D59775A.3010607@xxxxxxxxx>
- References: <4D59775A.3010607@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Mon, Feb 14, 2011 at 1:41 PM, J <joagre@xxxxxxxxx> wrote:
> The final entries in a consensus document are a number of directory-
> signature entries.
>
> dir-spec.txt says:
>
> <cite>
>
> "directory-signature" SP identity SP signing-key-digest NL Signature
>
> This is a signature of the status document, with the initial item
> "network-status-version", and the signature item
> "directory-signature", using the signing key. (In this case, we
> take
> the hash through the _space_ after directory-signature, not the
> newline: this ensures that all authorities sign the same thing.)
> "identity" is the hex-encoded digest of the authority identity
> key of
> the signing authority, and "signing-key-digest" is the hex-encoded
> digest of the current authority signing key of the signing
> authority.
>
> </cite>
>
> Does that mean "The hash from the network-status-version entry to the
> *first* directory-signature entry including a SP"?
It means everything beginning with the string "network-status-version"
and ending with the first string "directory-signature ". This refers
to the _string_ "directory signature " (with included space), not to
the entire directory signature. (It _can't_ refer to the entire
directory signature, since when the authority computes the signature,
it doesn't know what the signature is going to be.)
yrs,
--
Nick
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/