lsd0001

commit 535890037ca351e0e63536b77e552655576c7d43
parent 66aee4dd84b3493b4a4eccab878775ff6711e131
Author: Martin Schanzenbach <mschanzenbach@posteo.de>
Date:   Sat,  5 Sep 2020 10:32:37 +0200

cleanup, revocation

Diffstat:
M
draft-schanzen-gns.xml
 | 
29
+++++++++++++++++------------

1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
@@ -872,11 +872,6 @@ q := SHA512 (HDKD-Public(zk, label))
          records block payload, the key material "K" and initialization vector
          "IV" for the symmetric cipher are derived as follows:
        </t>
-       <!-- OLD VERSION
-       PRK_kiv := HKDF-Extract (zk, label)
-       K := HKDF-Expand (PRK_kiv, "gns-aes-ctx-key", 512 / 8);
-       IV := HKDF-Expand (PRK_kiv, "gns-aes-ctx-iv", 256 / 8)
-       -->
        <artwork name="" type="" align="left" alt=""><![CDATA[
 PRK_k := HKDF-Extract ("gns-aes-ctx-key", zk)
 PRK_iv := HKDF-Extract ("gns-aes-ctx-iv", zk)
@@ -1357,6 +1352,8 @@ NICK: john (Supplemental)
 |                                               |
 |                                               |
 +-----+-----+-----+-----+-----+-----+-----+-----+
+|                   ZONE TYPE                   |
++-----+-----+-----+-----+-----+-----+-----+-----+
 |                  PUBLIC KEY                   |
 |                                               |
 |                                               |
@@ -1398,12 +1395,14 @@ NICK: john (Supplemental)
            The signature is created using the private zone key "d" (see
            <xref target="zones" />).
          </dd>
+         <dt>ZONE TYPE</dt>
+         <dd>
+           The zone type ID (zid) corresponding to the zone public key.
+         </dd>
          <dt>PUBLIC KEY</dt>
          <dd>
-           is the 256-bit public key "zk" of the zone which is being revoked and
-           the key to be used to verify SIGNATURE. The
-           wire format of this value is defined in <xref target="RFC8032" />,
-           Section 5.1.5.
+           is the public key "zk" of the zone which is being revoked and
+           the key to be used to verify SIGNATURE.
          </dd>
        </dl>
       <t>
@@ -1417,9 +1416,11 @@ NICK: john (Supplemental)
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |         SIZE (0x30)   |       PURPOSE (0x03)  |
 +-----+-----+-----+-----+-----+-----+-----+-----+
+|                   ZONE TYPE                   |
++-----+-----+-----+-----+-----+-----+-----+-----+
 |                  PUBLIC KEY                   |
-|                                               |
-|                                               |
+/                                               /
+/                                               /
 |                                               |
 +-----+-----+-----+-----+-----+-----+-----+-----+
 |                   TIMESTAMP                   |
@@ -1431,13 +1432,17 @@ NICK: john (Supplemental)
          <dt>SIZE</dt>
          <dd>
            A 32-bit value containing the length of the signed data in bytes
-           (48 bytes) in network byte order.
+           in network byte order.
          </dd>
          <dt>PURPOSE</dt>
          <dd>
            A 32-bit signature purpose flag. This field MUST be 3 (in network
            byte order).
          </dd>
+         <dt>ZONE TYPE</dt>
+         <dd>
+           The zone type ID (zid) corresponding to the zone public key.
+         </dd>
          <dt>PUBLIC KEY / TIMESTAMP</dt>
          <dd>Both values as defined in the revocation data object above.</dd>
        </dl>