
LSD0001: GNU Name System

commit 5f177e79dd6bb25109cedcd5ffdd914c1983e9b3
parent c28cb887c9364ae2e4b06b3e5915d9c58dcf184a
Author: Martin Schanzenbach <mschanzenbach@posteo.de>
Date:   Fri,  4 Sep 2020 23:30:28 +0200

restructuring

Diffstat:
M draft-schanzen-gns.xml | 197 ++++++++++++++++++++++++++++++++++++++++++-------------------------------------
1 file changed, 105 insertions(+), 92 deletions(-)

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml 
@@ -133,113 +133,126 @@ <section anchor="zones" numbered="true" toc="default"> <name>Zones</name> <t> - A GNS zone is established by creating a zone key pair. + A zone in GNS is defined by a public/private key pair (d,zk), + where d is the private key and zk the corresponding public key. + The contents of a zone are cryptographically signed before + publishing. Instead of the zone private key "d", the signature MUST + be created using a blinded public/private key pair d' and zk'. + This blinding is realized using a Hierarchical Deterministic Key + Derivation (HDKD) scheme. + Such a scheme allows the zone owner to derivate a private d' and a + resolver to derive the corresponding public key zk' in a deterministic + manner from the original public and private zone keys as well as a + label. + </t> + <t> + In this document, we use the following naming convention for our + cryptographic primitives: + </t> + <dl> + <dt>d</dt> + <dd> + is the private zone key. + </dd> + <dt>zk</dt> + <dd> + is the public zone key. + </dd> + <dt>label</dt> + <dd> + is a string under which resource records of a zone are published. + </dd> + </dl> + <!-- FIXME: We probably want to define more things here such as + how zone types are registered and identified ? --> + <t> GNS is extensible with respect to the cryptographic scheme used. - The two zone key schemes specified within this document are - called PKEY and EDKEY, respectively. + Any zone type must define a function to represent the + public zone key zk as a label: </t> - <section anchor="zone_privacy" numbered="true" toc="default"> - <name>Zone Key Blinding</name> - <t> - In GNS, the contents of a zone are cryptographically signed before - publishing. Instead of the zone private key "d", the signature MUST - be created using a blinded public/private key pair d' and zk'. - This blinding is realized using a Hierarchical Deterministic Key - Derivation (HDKD) scheme. 
- Such a scheme allows the zone owner to derivate a private d' and a - resolver to derive the corresponding public key zk' in a deterministic - manner from the original public and private zone keys as well as a - label. - </t> - <t> - We define that for any type of zone key material the function - "HDKD-Private" must be defined as: - </t> - <artwork name="" type="" align="left" alt=""><![CDATA[ -HDKD-Private(d, label) -> d' + <artwork name="" type="" align="left" alt=""><![CDATA[ +GNS-Label(zk) -> zkl ]]></artwork> - <t> - where: - </t> - <dl> - <dt>d</dt> - <dd> - Is the private zone key input. - </dd> - <dt>label</dt> - <dd> - Is the resource record label. - </dd> - <dt>d'</dt> - <dd> - Is the derived (blinded) private zone key. - </dd> - </dl> - <t> - Correspondingly, the function "HDKD-Public" must be defined as: - </t> - <artwork name="" type="" align="left" alt=""><![CDATA[ + <t> + where: + </t> + <dl> + <dt>zk</dt> + <dd> + Is the public zone key input. + </dd> + <dt>zkl</dt> + <dd> + Is the label representation of zk. It consists of a string prefix + which uniquely defines the zone type followed by a zone + type specific string encoding of the public key. The two + components are concatenated using the character "-". For example: + "pkey-J9V7TM98P5T3ADC2PH5WPYFHZ9ZXHFBE5FGMMNYV5HSJ0N5GHDD0" + </dd> + </dl> + <t> + We define that for any type of zone key material the function + "HDKD-Private" must be defined as: + </t> + <artwork name="" type="" align="left" alt=""><![CDATA[ +HDKD-Private(d, label) -> d' + ]]></artwork> + <t> + where: + </t> + <dl> + <dt>d</dt> + <dd> + Is the private zone key input. + </dd> + <dt>label</dt> + <dd> + Is the resource record label. + </dd> + <dt>d'</dt> + <dd> + Is the derived (blinded) private zone key. 
+ </dd> + </dl> + <t> + Correspondingly, the function "HDKD-Public" must be defined as: + </t> + <artwork name="" type="" align="left" alt=""><![CDATA[ HDKD-Public(zk, label) -> zk' ]]></artwork> - <t> - where: - </t> - <dl> - <dt>zk</dt> - <dd> - Is the public zone key input. - </dd> - <dt>label</dt> - <dd> - Is the resource record label. - </dd> - <dt>d'</dt> - <dd> - Is the derived (blinded) public zone key. - </dd> - </dl> - <t> - Any zone type must also define a function to represent the - public zone key zk as a label: - </t> - <artwork name="" type="" align="left" alt=""><![CDATA[ -GNS-Label(zk) -> zkl - ]]></artwork> - <t> - where: - </t> - <dl> - <dt>zk</dt> - <dd> - Is the public zone key input. - </dd> - <dt>zkl</dt> - <dd> - Is the label representation of zk. It consists of a string prefix - which uniquely defines the zone type followed by a zone - type specific string encoding of the public key. The two - components are concatenated using the character "-". For example: - "pkey-J9V7TM98P5T3ADC2PH5WPYFHZ9ZXHFBE5FGMMNYV5HSJ0N5GHDD0" - </dd> - </dl> - </section> + <t> + where: + </t> + <dl> + <dt>zk</dt> + <dd> + Is the public zone key input. + </dd> + <dt>label</dt> + <dd> + Is the resource record label. + </dd> + <dt>zk'</dt> + <dd> + Is the derived (blinded) public zone key. + </dd> + </dl> <section anchor="zone_types" numbered="true" toc="default"> <name>Zone Types</name> <section anchor="zone_type_pkey" numbered="true" toc="default"> <name>PKEY Zone</name> <t> - A PKEY zone in GNS is defined by a public/private ECDSA key pair (d,zk), - where d is the private key and zk the corresponding public key. - GNS employs the curve parameters of the twisted edwards representation + For PKEY zones the zone key material is derived using the + curve parameters of the twisted edwards representation of Curve25519 <xref target="RFC7748" /> (a.k.a. edwards25519) with the ECDSA scheme (<xref target="RFC6979" />). 
- In the following, we use the following naming convention for our - cryptographic primitives: + Consequently , we use the following naming convention for our + cryptographic primitives for PKEY zones: </t> <dl> <dt>d</dt> <dd> - is a 256-bit ECDSA private key. + is a 256-bit ECDSA private zone key. </dd> <dt>p</dt> <dd> @@ -257,7 +270,7 @@ GNS-Label(zk) -> zkl </dd> <dt>zk</dt> <dd> - is the ECDSA public key corresponding to d. It is defined in + is the ECDSA public zone key corresponding to d. It is defined in <xref target="RFC6979" /> as the curve point d*B where B is the group generator of the elliptic curve. The public key is used to uniquely identify a GNS zone and is referred to as the "zone key".
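Review bot: dropping the whole `<section anchor="zone_privacy">` removes an anchor that other parts of the draft may still reference with `<xref target="zone_privacy"/>`; check for remaining references before merging, since an unresolved target fails the xml2rfc build. In the new text of this hunk, "derivate a private d'" should read "derive", "Consequently , we use" has a stray space before the comma, and the removed sentence "The two zone key schemes specified within this document are called PKEY and EDKEY" has no replacement, so the reader no longer learns which zone types follow; keeping it right after "GNS is extensible with respect to the cryptographic scheme used." would preserve that overview. The `<!-- FIXME: ... how zone types are registered and identified ? -->` comment is left in the source, which is fine for a draft but should be tracked. The fix in the HDKD-Public definition list, renaming the derived public key entry from `d'` to `zk'`, is correct and was a genuine error in the old text.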
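Review bot: the rewording "is the ECDSA public zone key corresponding to d" now duplicates the generic definition of zk ("is the public zone key") introduced in the Zones section by this same change, and the unchanged trailing sentence still says zk "is referred to as the "zone key"", which sits awkwardly next to calling d the "private zone key"; consider restricting this entry to the PKEY-specific content (the curve point d*B per RFC 6979) and pointing back to the generic definition for the terminology.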