dir-spec.txt and directory-signature entries
The final entries in a consensus document are a number of directory- signature entries. dir-spec.txt says: cite directory-signature SP identity SP signing-key-digest NL Signature This is a signature of the status document, with the initial item network-status-version, and the signature item directory-signature, using the signing key. (In this case, we take the hash through the _space_ after directory-signature, not the newline: this ensures that all authorities sign the same thing.) identity is the hex-encoded digest of the authority identity key of the signing authority, and signing-key-digest is the hex-encoded digest of the current authority signing key of the signing authority. /cite Does that mean The hash from the network-status-version entry to the *first* directory-signature entry including a SP? Or something else? The wording in dir-spec.txt is ambigous to me. Any help appreciated. Cheers /Jocke *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: dir-spec.txt and directory-signature entries
On 2011-02-14 19:46, Nick Mathewson wrote: snip/ Does that mean The hash from the network-status-version entry to the *first* directory-signature entry including a SP? It means everything beginning with the string network-status-version and ending with the first string directory-signature . This refers to the _string_ directory signature (with included space), not to the entire directory signature. (It _can't_ refer to the entire directory signature, since when the authority computes the signature, it doesn't know what the signature is going to be.) Yes, that was my understanding as well. Thanks for the clarification. I looked elsewhere in my code and realised that the shared signature code added an extra \n after directory-signature when verifying consensus documents. I got extremely confused because I could verify both router descriptor and key certificate documents. In other words: My bad, i.e. I needed someone to talk to. :-) Sorry for the noise Cheers /Jocke *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
