Skip to content

extra-info-digest's sha256-digest isn't actually over the same data as the sha1-digest

Please review my pull request at:

https://github.com/torproject/torspec/pull/44

The extra-info-digest field of server descriptors was defined to contain either a SHA1, or a SHA1 and a SHA256 digest. These were both meant to be computed over the same data but due to an implementation error, the Tor network has been computing the digests over different data for a while. This is a lot easier to fix in the spec than in the code, and the error does not seem to cause any harm beyond being a little confusing (which this patch should help with).

A minor fix is also made to the SHA1 digest portion of the text. This is a typo fix and a clarification, and does not change the semantic meaning for that portion.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information