dir-spec.txt and directory-signature entries
Nick Mathewson
nickm at freehaven.net
Mon Feb 14 18:46:20 UTC 2011
On Mon, Feb 14, 2011 at 1:41 PM, J <joagre at gmail.com> wrote:
> The final entries in a consensus document are a number of directory-
> signature entries.
>
> dir-spec.txt says:
>
> <cite>
>
> "directory-signature" SP identity SP signing-key-digest NL Signature
>
> This is a signature of the status document, with the initial item
> "network-status-version", and the signature item
> "directory-signature", using the signing key. (In this case, we
> take
> the hash through the _space_ after directory-signature, not the
> newline: this ensures that all authorities sign the same thing.)
> "identity" is the hex-encoded digest of the authority identity
> key of
> the signing authority, and "signing-key-digest" is the hex-encoded
> digest of the current authority signing key of the signing
> authority.
>
> </cite>
>
> Does that mean "The hash from the network-status-version entry to the
> *first* directory-signature entry including a SP"?
It means everything beginning with the string "network-status-version"
and ending with the first string "directory-signature ". This refers
to the _string_ "directory signature " (with included space), not to
the entire directory signature. (It _can't_ refer to the entire
directory signature, since when the authority computes the signature,
it doesn't know what the signature is going to be.)
yrs,
--
Nick
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list