[tor-commits] [torspec/master] rend-spec-v3.txt: Clarify role of first layer desc encryption.

[nickm at torproject.org]

commit ed29ac205461ca0d1e61e3d4caad95381139eedb
Author: George Kadianakis <desnacked at riseup.net>
Date:   Sat Jun 23 13:24:51 2018 -0500

    rend-spec-v3.txt: Clarify role of first layer desc encryption.
    
    It's meant to protect against entities that don't know the identity public
    key (aka the onion address).
    
    Closes #26379. Pointed out by Steven Murdoch.
---
 rend-spec-v3.txt | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt
index 728f38f..0b56fce 100644
--- a/rend-spec-v3.txt
+++ b/rend-spec-v3.txt
@@ -1124,8 +1124,8 @@ Table of contents:
 2.5.1. First layer of encryption [HS-DESC-FIRST-LAYER]
 
    The first layer of HS descriptor encryption is designed to protect
-   descriptor confidentiality against entities who don't know the blinded
-   public key of the hidden service.
+   descriptor confidentiality against entities who don't know the public
+   identity key of the hidden service.
 
 2.5.1.1. First layer encryption logic
 
@@ -1136,6 +1136,11 @@ Table of contents:
      SECRET_DATA = blinded-public-key
      STRING_CONSTANT = "hsdir-superencrypted-data"
 
+   The encryption scheme in [HS-DESC-ENCRYPTION-KEYS] uses the service
+   credential which is derived from the public identity key (see [SUBCRED]) to
+   ensure that only entities who know the public identity key can decrypt the
+   first descriptor layer.
+
    The ciphertext is placed on the "superencrypted" field of the descriptor.
 
    Before encryption the plaintext is padded with NUL bytes to the nearest