nusenu: >> The only question that came up was: Will there be two types of relay >> fingerprints >> in the future (Ed25519)? > > I assume the correct proposal for the Ed25519 keys is this: > https://gitweb.torproject.org/torspec.git/tree/proposals/220-ecc-id-keys.txt > > I'm wondering what kind of format is used for a relay's Ed25519 ID in tor? > > The spec says base64: > >> When an ed25519 signature is present, there MAY be a "master-key-ed25519" >> element containing the base64 encoded ed25519 master key as a single >> argument. If it is present, it MUST match the identity key in >> the certificate. > > examples: > grep master-key-ed 2020-07-28-19-05-00-server-descriptors |head -2 > > master-key-ed25519 clT/2GWmTY/qU5TBGaudAIjOUUxUdKhMY/Q5riK6G2E > master-key-ed25519 qDI9PbwtiKzpR9phLnWI99uimdwNW8+l9c7hDoWV9dQ > > Is this the canonical format you use when referring to a relay's Ed25519 > identity?
I looked at what stem does in this area [1]. It uses the more accurate name "ed25519_master_key" instead of Ed25519 ID and contains the above mentioned base64 encoded Ed25519 public master key so I assume this is the canonical format since I didn't see any other representation. > What command does a relay operator need to run to find out > his relay's Ed25519 ID on the command line? base64 encoding (parts of) the ed25519_master_id_public_key file, provides the same output as in master-key-ed25519 descriptor lines but I didn't find a spec for that key file to confirm the try and error approach or a tor command to simply output the ed25519_master_key public key in base64 format. kind regards, nusenu [1] https://stem.torproject.org/api/descriptor/server_descriptor.html#stem.descriptor.server_descriptor.RelayDescriptor https://gitweb.torproject.org/torspec.git/tree/cert-spec.txt These are the file paths I would suggest for the well-known registry: .well-known/tor-relay/rsa-fingerprints .well-known/tor-relay/ed25519-pubkeys -- https://mastodon.social/@nusenu
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
