Skip to content

Clarify a couple of issues in HsDesc parsing.

Nick Mathewson requested to merge nickm/torspec:hsdesc_clarity into main

Fixed in this branch:

  • auth-key and enc-key entries are actually allowed to appear multiple times, but only once with "ntor"
  • The auth-key cert and enc-key-cert entries are not actually constructed the way that the document specified; we need to document that for interop purposes.

Not fixed:

  • We need to specify what implementations actually need to do with these certificates. Must they check that they are well-signed and valid? Or can they safely ignore them if they don't care about C tor indistinguishability? Or...?

Merge request reports

Loading