commit e9fa709c55db8099a6cea800118cf827f7ea6fdf
parent 1c4ecd088e2453f23adf0e70e3312731a9b553f3
Author: Schanzenbach, Martin <mschanzenbach@posteo.de>
Date: Thu, 3 Oct 2019 21:28:05 +0200
update
Diffstat:
1 file changed, 14 insertions(+), 22 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
@@ -81,15 +81,15 @@
<section anchor="zones" numbered="true" toc="default">
<name>Zones</name>
<t>
- A zone in GNS is defined by a public/private ECC key pair (x,zk),
- where P is the generator of an elliptic curve, x is the private key and
- zk := x*P the corresponding public key.
+ A zone in GNS is defined by a public/private ECC key pair (d,zk),
+ where B is the generator of a group or subgroup, d is the private key and
+ zk the corresponding public key.
The keys are constructed using the Ed25519 ECC scheme as defined in
<xref target="RFC8032" />.
The public key "zk" is used to uniquely identify and refer to the zone and
is thus called "zone key".
Records published in the zone are signed using a private key derived
- from the private key "x" as described in <xref target="publish" />.
+ from "d" as described in <xref target="publish" />.
</t>
</section>
<section anchor="rrecords" numbered="true" toc="default">
@@ -285,7 +285,7 @@
<artwork name="" type="" align="left" alt=""><![CDATA[
PRK_h := HKDF-Extract ("key-derivation", zk)
h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
- x_h := h*x mod p
+ d_h := h*d mod p
zk_h := h*zk mod p
q := SHA512 (zk_h)
]]></artwork>
@@ -306,7 +306,7 @@
is the HKDF expansion result. The expansion info is a concatenation of
the label and string "gns".
</dd>
- <dt>x</dt>
+ <dt>d</dt>
<dd>
is the private zone key as defined in <xref target="RFC8032" />.
</dd>
@@ -319,10 +319,10 @@
<dd>
under wich the resource records are published.
</dd>
- <dt>x_h</dt>
+ <dt>d_h</dt>
<dd>
- is a private key derived from the zone private key "x" using the
- keying material "h" (512 bit) and "p" is the group order as defined in
+ is a private key derived from the zone private key "d" using the
+ keying material "h" (512 bit) and "p" is a prime as defined in
<xref target="RFC8032" />.
</dd>
<dt>zk_h</dt>
@@ -335,7 +335,7 @@
<dd>
Is the DHT key under which the resource records block is published.
It is the SHA512 hash over the public key "zk_h" corresponding to the
- derived private key "x_h".
+ derived private key "d_h".
</dd>
</dl>
</section>
@@ -383,7 +383,7 @@
A 512-bit ECDSA deterministic signature compliant with
<xref target="RFC6979" />. The signature is computed over the data
following the PUBLIC KEY field.
- The signature is created using the derived private key "x_h" (see
+ The signature is created using the derived private key "d_h" (see
<xref target="publish" />).
</dd>
<dt>PUBLIC KEY</dt>
@@ -590,27 +590,19 @@
<artwork name="" type="" align="left" alt=""><