diff options
author | Martin Schanzenbach <schanzen@gnunet.org> | 2022-01-16 20:57:44 +0100 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2022-01-16 20:57:44 +0100 |
commit | 07dc5800405a9105603d80e2be3c42b79be78cbb (patch) | |
tree | f8e6feee2253fdd4e413faa600951ea06c05c34e | |
parent | d81f693b9630384fc4a6d791da5f91494109ee10 (diff) | |
download | lsd0001-07dc5800405a9105603d80e2be3c42b79be78cbb.tar.gz lsd0001-07dc5800405a9105603d80e2be3c42b79be78cbb.zip |
changed wording more for private zone key to private key
-rw-r--r-- | draft-schanzen-gns.xml | 86 |
1 files changed, 43 insertions, 43 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index 6effff4..987082e 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
@@ -191,7 +191,7 @@ | |||
191 | using a blinded public/private key pair. | 191 | using a blinded public/private key pair. |
192 | This blinding is realized using a deterministic key | 192 | This blinding is realized using a deterministic key |
193 | derivation from | 193 | derivation from |
194 | the original public and private zone keys using record label values. | 194 | the original zone key and corresponding private key using record label values. |
195 | Specifically, the zone owner can derive private keys for each record | 195 | Specifically, the zone owner can derive private keys for each record |
196 | set published under a label, and a | 196 | set published under a label, and a |
197 | resolver can derive the corresponding public keys. | 197 | resolver can derive the corresponding public keys. |
@@ -207,12 +207,12 @@ | |||
207 | Names in GNS are domain names as defined in <xref target="RFC8499"/>. | 207 | Names in GNS are domain names as defined in <xref target="RFC8499"/>. |
208 | Starting from a configurable root zone, names are resolved following zone | 208 | Starting from a configurable root zone, names are resolved following zone |
209 | delegations which are recursively queried from the storage (<xref target="resolution"/>). | 209 | delegations which are recursively queried from the storage (<xref target="resolution"/>). |
210 | Without knowledge of the label values and the zone public keys, the | 210 | Without knowledge of the label values and the zone keys, the |
211 | different derived keys are unlinkable both to the original key and to each | 211 | different derived keys are unlinkable both to the original key and to each |
212 | other. | 212 | other. |
213 | This prevents zone enumeration and requires knowledge | 213 | This prevents zone enumeration and requires knowledge |
214 | of both the public zone key and the label to confirm affiliation with a | 214 | of both the zone key and the label to confirm affiliation with a |
215 | specific zone. At the same time, the blinded zone public key provides | 215 | specific zone. At the same time, the blinded zone key provides |
216 | resolvers | 216 | resolvers |
217 | with the ability to verify the integrity of the published information | 217 | with the ability to verify the integrity of the published information |
218 | without disclosing the originating zone. | 218 | without disclosing the originating zone. |
@@ -246,7 +246,7 @@ | |||
246 | delegation into a zone of this type. | 246 | delegation into a zone of this type. |
247 | </t> | 247 | </t> |
248 | <t> | 248 | <t> |
249 | For any zone, d is the private zone key. zk is the public zone key. | 249 | For any zone, d is the private key. zk is the zone key. |
250 | The specific formats depends on the zone type. | 250 | The specific formats depends on the zone type. |
251 | The creation of zone keys for the default zone types are specified in | 251 | The creation of zone keys for the default zone types are specified in |
252 | <xref target="gnsrecords_delegation"/>. | 252 | <xref target="gnsrecords_delegation"/>. |
@@ -257,21 +257,21 @@ | |||
257 | <dl> | 257 | <dl> |
258 | <dt>Private-KeyGen() -> d</dt> | 258 | <dt>Private-KeyGen() -> d</dt> |
259 | <dd> | 259 | <dd> |
260 | is a function to generate a fresh private zone key d. | 260 | is a function to generate a fresh private key d. |
261 | </dd> | 261 | </dd> |
262 | <dt>Public-KeyGen(d) -> zk</dt> | 262 | <dt>Public-KeyGen(d) -> zk</dt> |
263 | <dd> | 263 | <dd> |
264 | is a function to derive a public zone key zk from a private key d. | 264 | is a function to derive a zone key zk from a private key d. |
265 | </dd> | 265 | </dd> |
266 | <dt>ZKDF-Private(d,label) -> d'</dt> | 266 | <dt>ZKDF-Private(d,label) -> d'</dt> |
267 | <dd> | 267 | <dd> |
268 | is a zone key derivation function which blinds a private zone key d | 268 | is a zone key derivation function which blinds a private key d |
269 | using label, resulting in another private key which | 269 | using label, resulting in another private key which |
270 | can be used to create cryptographic signatures. | 270 | can be used to create cryptographic signatures. |
271 | </dd> | 271 | </dd> |
272 | <dt>ZKDF-Public(zk,label) -> zk'</dt> | 272 | <dt>ZKDF-Public(zk,label) -> zk'</dt> |
273 | <dd> | 273 | <dd> |
274 | is a zone key derivation function which blinds a public zone key zk | 274 | is a zone key derivation function which blinds a zone key zk |
275 | using a label. zk and zk' must be unlinkable. Furthermore, | 275 | using a label. zk and zk' must be unlinkable. Furthermore, |
276 | blinding zk with different values for the label must result | 276 | blinding zk with different values for the label must result |
277 | in unlinkable different resulting values for zk'. | 277 | in unlinkable different resulting values for zk'. |
@@ -279,7 +279,7 @@ | |||
279 | <dt>S-Encrypt(zk,label,nonce,expiration,message) -> ciphertext</dt> | 279 | <dt>S-Encrypt(zk,label,nonce,expiration,message) -> ciphertext</dt> |
280 | <dd> | 280 | <dd> |
281 | is a deterministic symmetric encryption function which encrypts the record | 281 | is a deterministic symmetric encryption function which encrypts the record |
282 | data based on key material derived from the public zone key, | 282 | data based on key material derived from the zone key, |
283 | a label, a nonce and an expiration. | 283 | a label, a nonce and an expiration. |
284 | In order to leverage performance-enhancing caching features of certain | 284 | In order to leverage performance-enhancing caching features of certain |
285 | underlying storages, in particular DHTs, a deterministic encryption | 285 | underlying storages, in particular DHTs, a deterministic encryption |
@@ -288,7 +288,7 @@ | |||
288 | <dt>S-Decrypt(zk,label,nonce,expiration,ciphertext) -> message</dt> | 288 | <dt>S-Decrypt(zk,label,nonce,expiration,ciphertext) -> message</dt> |
289 | <dd> | 289 | <dd> |
290 | is a symmetric encryption function which decrypts the encrypted record | 290 | is a symmetric encryption function which decrypts the encrypted record |
291 | data based on key material derived from the public zone key, | 291 | data based on key material derived from the zone key, |
292 | a label, a nonce an expiration. | 292 | a label, a nonce an expiration. |
293 | </dd> | 293 | </dd> |
294 | <dt>Sign(d',message) -> signature</dt> | 294 | <dt>Sign(d',message) -> signature</dt> |
@@ -311,14 +311,14 @@ | |||
311 | <name>Zone ID</name> | 311 | <name>Zone ID</name> |
312 | 312 | ||
313 | <t>The zone ID zid is a unique public identifier of a zone. | 313 | <t>The zone ID zid is a unique public identifier of a zone. |
314 | It consists of the ztype and the public zone key zk. | 314 | It consists of the ztype and the zone key zk. |
315 | The wire format is illustrated in <xref target="figure_zid"/>. | 315 | The wire format is illustrated in <xref target="figure_zid"/>. |
316 | </t> | 316 | </t> |
317 | <figure anchor="figure_zid"> | 317 | <figure anchor="figure_zid"> |
318 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 318 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
319 | 0 8 16 24 32 40 48 56 | 319 | 0 8 16 24 32 40 48 56 |
320 | +-----+-----+-----+-----+-----+-----+-----+-----+ | 320 | +-----+-----+-----+-----+-----+-----+-----+-----+ |
321 | | ZONE TYPE | ZONE PUBLIC KEY / | 321 | | ZONE TYPE | ZONE KEY / |
322 | +-----+-----+-----+-----+ / | 322 | +-----+-----+-----+-----+ / |
323 | / / | 323 | / / |
324 | / / | 324 | / / |
@@ -418,7 +418,7 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
418 | <t> | 418 | <t> |
419 | In order to revoke a zone key, a signed revocation object MUST be | 419 | In order to revoke a zone key, a signed revocation object MUST be |
420 | published. | 420 | published. |
421 | This object MUST be signed using the private zone key. | 421 | This object MUST be signed using the private key. |
422 | The revocation object is broadcast to the network. | 422 | The revocation object is broadcast to the network. |
423 | The specification of the broadcast mechanism is out of scope of this | 423 | The specification of the broadcast mechanism is out of scope of this |
424 | document. | 424 | document. |
@@ -468,7 +468,7 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
468 | +-----------------------------------------------+ | 468 | +-----------------------------------------------+ |
469 | | TIMESTAMP | | 469 | | TIMESTAMP | |
470 | +-----------------------------------------------+ | 470 | +-----------------------------------------------+ |
471 | | ZONE TYPE | ZONE PUBLIC KEY | | 471 | | ZONE TYPE | ZONE KEY | |
472 | +-----+-----+-----+-----+ | | 472 | +-----+-----+-----+-----+ | |
473 | / / | 473 | / / |
474 | / / | 474 | / / |
@@ -491,7 +491,7 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
491 | <dd> | 491 | <dd> |
492 | is the 32-bit zone type. | 492 | is the 32-bit zone type. |
493 | </dd> | 493 | </dd> |
494 | <dt>ZONE PUBLIC KEY</dt> | 494 | <dt>ZONE KEY</dt> |
495 | <dd> | 495 | <dd> |
496 | is the 256-bit public key zk of the zone which is being revoked. | 496 | is the 256-bit public key zk of the zone which is being revoked. |
497 | The wire format of this value is defined in <xref target="RFC8032" />, | 497 | The wire format of this value is defined in <xref target="RFC8032" />, |
@@ -544,7 +544,7 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
544 | +-----+-----+-----+-----+-----+-----+-----+-----+ | 544 | +-----+-----+-----+-----+-----+-----+-----+-----+ |
545 | | POW_Z-1 | | 545 | | POW_Z-1 | |
546 | +-----------------------------------------------+ | 546 | +-----------------------------------------------+ |
547 | | ZONE TYPE | ZONE PUBLIC KEY | | 547 | | ZONE TYPE | ZONE KEY | |
548 | +-----+-----+-----+-----+ | | 548 | +-----+-----+-----+-----+ | |
549 | / / | 549 | / / |
550 | / / | 550 | / / |
@@ -584,19 +584,19 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
584 | </dd> | 584 | </dd> |
585 | <dt>ZONE TYPE</dt> | 585 | <dt>ZONE TYPE</dt> |
586 | <dd> | 586 | <dd> |
587 | The 32-bit zone type corresponding to the zone public key. | 587 | The 32-bit zone type corresponding to the zone key. |
588 | </dd> | 588 | </dd> |
589 | <dt>ZONE PUBLIC KEY</dt> | 589 | <dt>ZONE KEY</dt> |
590 | <dd> | 590 | <dd> |
591 | is the public key zk of the zone which is being revoked and | 591 | is the public key zk of the zone which is being revoked and |
592 | the key to be used to verify SIGNATURE. | 592 | the key to be used to verify SIGNATURE. |
593 | </dd> | 593 | </dd> |
594 | <dt>SIGNATURE</dt> | 594 | <dt>SIGNATURE</dt> |
595 | <dd> | 595 | <dd> |
596 | A signature over a timestamp and the public zone zk of the zone | 596 | A signature over a timestamp and the zone zk of the zone |
597 | which is revoked and corresponds to the key used in the PoW. | 597 | which is revoked and corresponds to the key used in the PoW. |
598 | The signature is created using the Sign() function of | 598 | The signature is created using the Sign() function of |
599 | the cryptosystem of the zone and the private zone key | 599 | the cryptosystem of the zone and the private key |
600 | (see <xref target="ztype" />). | 600 | (see <xref target="ztype" />). |
601 | </dd> | 601 | </dd> |
602 | </dl> | 602 | </dl> |
@@ -614,7 +614,7 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
614 | +-----+-----+-----+-----+-----+-----+-----+-----+ | 614 | +-----+-----+-----+-----+-----+-----+-----+-----+ |
615 | | TIMESTAMP | | 615 | | TIMESTAMP | |
616 | +-----+-----+-----+-----+-----+-----+-----+-----+ | 616 | +-----+-----+-----+-----+-----+-----+-----+-----+ |
617 | | ZONE TYPE | ZONE PUBLIC KEY | | 617 | | ZONE TYPE | ZONE KEY | |
618 | +-----+-----+-----+-----+ | | 618 | +-----+-----+-----+-----+ | |
619 | / / | 619 | / / |
620 | / / | 620 | / / |
@@ -635,9 +635,9 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
635 | </dd> | 635 | </dd> |
636 | <dt>ZONE TYPE</dt> | 636 | <dt>ZONE TYPE</dt> |
637 | <dd> | 637 | <dd> |
638 | The 32-bit zone type corresponding to the zone public key. | 638 | The 32-bit zone type corresponding to the zone key. |
639 | </dd> | 639 | </dd> |
640 | <dt>ZONE PUBLIC KEY / TIMESTAMP</dt> | 640 | <dt>ZONE KEY / TIMESTAMP</dt> |
641 | <dd>Both values as defined in the revocation data object above.</dd> | 641 | <dd>Both values as defined in the revocation data object above.</dd> |
642 | </dl> | 642 | </dl> |
643 | <t> | 643 | <t> |
@@ -835,12 +835,12 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
835 | <dl> | 835 | <dl> |
836 | <dt>d</dt> | 836 | <dt>d</dt> |
837 | <dd> | 837 | <dd> |
838 | is a 256-bit ECDSA private zone key. The generation of the private | 838 | is a 256-bit ECDSA private key. The generation of the private |
839 | scalar as defined in Section 2.2. of <xref target="RFC6979" /> represents the Private-KeyGen() function. | 839 | scalar as defined in Section 2.2. of <xref target="RFC6979" /> represents the Private-KeyGen() function. |
840 | </dd> | 840 | </dd> |
841 | <dt>zk</dt> | 841 | <dt>zk</dt> |
842 | <dd> | 842 | <dd> |
843 | is the ECDSA public zone key corresponding to d. Its generation is | 843 | is the ECDSA zone key corresponding to d. Its generation is |
844 | defined in Section 2.2. of <xref target="RFC6979" /> as the curve point d*G where G | 844 | defined in Section 2.2. of <xref target="RFC6979" /> as the curve point d*G where G |
845 | is the group generator of the elliptic curve. | 845 | is the group generator of the elliptic curve. |
846 | This generation represents the Public-KeyGen(d) function. | 846 | This generation represents the Public-KeyGen(d) function. |
@@ -889,7 +889,7 @@ zk' := h mod L * zk | |||
889 | <xref target="RFC5869" />, using HMAC-SHA512 for the extraction | 889 | <xref target="RFC5869" />, using HMAC-SHA512 for the extraction |
890 | phase and HMAC-SHA256 for the expansion phase. | 890 | phase and HMAC-SHA256 for the expansion phase. |
891 | PRK_h is key material retrieved using an HKDF using the string | 891 | PRK_h is key material retrieved using an HKDF using the string |
892 | "key-derivation" as salt and the public zone key as initial | 892 | "key-derivation" as salt and the zone key as initial |
893 | keying material. | 893 | keying material. |
894 | h is the 512-bit HKDF expansion result and must be interpreted in | 894 | h is the 512-bit HKDF expansion result and must be interpreted in |
895 | network byte order. The expansion information input is | 895 | network byte order. The expansion information input is |
@@ -998,7 +998,7 @@ NONCE := HKDF-Expand (PRK_n, label, 32 / 8) | |||
998 | <dl> | 998 | <dl> |
999 | <dt>d</dt> | 999 | <dt>d</dt> |
1000 | <dd> | 1000 | <dd> |
1001 | is a 256-bit EdDSA private zone key. The generation as defined | 1001 | is a 256-bit EdDSA private key. The generation as defined |
1002 | in Section 3.2. of <xref target="RFC8032" /> and represents the Private-KeyGen() | 1002 | in Section 3.2. of <xref target="RFC8032" /> and represents the Private-KeyGen() |
1003 | function. | 1003 | function. |
1004 | </dd> | 1004 | </dd> |
@@ -1009,7 +1009,7 @@ NONCE := HKDF-Expand (PRK_n, label, 32 / 8) | |||
1009 | </dd> | 1009 | </dd> |
1010 | <dt>zk</dt> | 1010 | <dt>zk</dt> |
1011 | <dd> | 1011 | <dd> |
1012 | is the EdDSA public zone key corresponding to d. It is defined in | 1012 | is the EdDSA public key corresponding to d. It is defined in |
1013 | Section 3.2 of <xref target="RFC8032" /> as the curve point a*G where G is the | 1013 | Section 3.2 of <xref target="RFC8032" /> as the curve point a*G where G is the |
1014 | group generator of the elliptic curve and a is an integer | 1014 | group generator of the elliptic curve and a is an integer |
1015 | derived from d using the SHA512 hash function. | 1015 | derived from d using the SHA512 hash function. |
@@ -1072,14 +1072,14 @@ zk' := h * zk | |||
1072 | <xref target="RFC5869" />, using HMAC-SHA512 for the extraction | 1072 | <xref target="RFC5869" />, using HMAC-SHA512 for the extraction |
1073 | phase and HMAC-SHA256 for the expansion phase. | 1073 | phase and HMAC-SHA256 for the expansion phase. |
1074 | PRK_h is key material retrieved using an HKDF using the string | 1074 | PRK_h is key material retrieved using an HKDF using the string |
1075 | "key-derivation" as salt and the public zone key as initial | 1075 | "key-derivation" as salt and the zone key as initial |
1076 | keying material. | 1076 | keying material. |
1077 | The blinding factor h is the 512-bit HKDF expansion result. | 1077 | The blinding factor h is the 512-bit HKDF expansion result. |
1078 | The expansion information input is | 1078 | The expansion information input is |
1079 | a concatenation of the label and the string "gns". | 1079 | a concatenation of the label and the string "gns". |
1080 | The result of the HKDF must be clamped and interpreted in network | 1080 | The result of the HKDF must be clamped and interpreted in network |
1081 | byte order. | 1081 | byte order. |
1082 | a is the 256-bit integer corresponding to the 256-bit private zone | 1082 | a is the 256-bit integer corresponding to the 256-bit private |
1083 | key d. | 1083 | key d. |
1084 | The label is a UTF-8 string under which the resource records are | 1084 | The label is a UTF-8 string under which the resource records are |
1085 | published. | 1085 | published. |
@@ -1273,7 +1273,7 @@ NONCE := HKDF-Expand (PRK_n, label, 32 / 8) | |||
1273 | the label that a zone prefers to have used when it is referred to. | 1273 | the label that a zone prefers to have used when it is referred to. |
1274 | This is a suggestion to other zones what label to use when creating a | 1274 | This is a suggestion to other zones what label to use when creating a |
1275 | delegation record (<xref target="gnsrecords_delegation" />) containing | 1275 | delegation record (<xref target="gnsrecords_delegation" />) containing |
1276 | this zone's public zone key. | 1276 | this zone key. |
1277 | This record SHOULD only be stored under the empty label "@" but MAY be | 1277 | This record SHOULD only be stored under the empty label "@" but MAY be |
1278 | returned with record sets under any label as a supplemental record. | 1278 | returned with record sets under any label as a supplemental record. |
1279 | <xref target="nick_processing"/> details how a resolver must process | 1279 | <xref target="nick_processing"/> details how a resolver must process |
@@ -1452,13 +1452,13 @@ q := SHA512 (HDKD-Public(zk, label)) | |||
1452 | </dd> | 1452 | </dd> |
1453 | <dt>zk</dt> | 1453 | <dt>zk</dt> |
1454 | <dd> | 1454 | <dd> |
1455 | is the public zone key. | 1455 | is the zone key. |
1456 | </dd> | 1456 | </dd> |
1457 | <dt>q</dt> | 1457 | <dt>q</dt> |
1458 | <dd> | 1458 | <dd> |
1459 | Is the 512-bit storage key under which the resource records block is | 1459 | Is the 512-bit storage key under which the resource records block is |
1460 | published. | 1460 | published. |
1461 | It is the SHA512 hash over the derived public zone key. | 1461 | It is the SHA512 hash over the derived zone key. |
1462 | </dd> | 1462 | </dd> |
1463 | </dl> | 1463 | </dl> |
1464 | </section> | 1464 | </section> |
@@ -1481,7 +1481,7 @@ q := SHA512 (HDKD-Public(zk, label)) | |||
1481 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 1481 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
1482 | 0 8 16 24 32 40 48 56 | 1482 | 0 8 16 24 32 40 48 56 |
1483 | +-----+-----+-----+-----+-----+-----+-----+-----+ | 1483 | +-----+-----+-----+-----+-----+-----+-----+-----+ |
1484 | | ZONE TYPE | ZONE PUBLIC KEY | | 1484 | | ZONE TYPE | ZONE KEY | |
1485 | +-----+-----+-----+-----+ (BLINDED) | | 1485 | +-----+-----+-----+-----+ (BLINDED) | |
1486 | / / | 1486 | / / |
1487 | / / | 1487 | / / |
@@ -1508,9 +1508,9 @@ q := SHA512 (HDKD-Public(zk, label)) | |||
1508 | <dd> | 1508 | <dd> |
1509 | is the 32-bit zone type. | 1509 | is the 32-bit zone type. |
1510 | </dd> | 1510 | </dd> |
1511 | <dt>ZONE PUBLIC KEY</dt> | 1511 | <dt>ZONE KEY</dt> |
1512 | <dd> | 1512 | <dd> |
1513 | is the blinded public zone key "ZKDF-Public(zk, label)" | 1513 | is the blinded zone key "ZKDF-Public(zk, label)" |
1514 | to be used to verify SIGNATURE. | 1514 | to be used to verify SIGNATURE. |
1515 | </dd> | 1515 | </dd> |
1516 | <dt>SIGNATURE</dt> | 1516 | <dt>SIGNATURE</dt> |
@@ -1635,7 +1635,7 @@ q := SHA512 (HDKD-Public(zk, label)) | |||
1635 | </t> | 1635 | </t> |
1636 | <t> | 1636 | <t> |
1637 | GNS resolution of a name must start in a given starting zone indicated using | 1637 | GNS resolution of a name must start in a given starting zone indicated using |
1638 | a zone public key. | 1638 | a zone key. |
1639 | Details on how the starting zone may be determined is discussed in | 1639 | Details on how the starting zone may be determined is discussed in |
1640 | <xref target="governance" />. | 1640 | <xref target="governance" />. |
1641 | </t> | 1641 | </t> |
@@ -1654,7 +1654,7 @@ q := SHA512 (HDKD-Public(zk, label)) | |||
1654 | <name>Root Zone</name> | 1654 | <name>Root Zone</name> |
1655 | <t> | 1655 | <t> |
1656 | The resolution of a GNS name must start in a given start zone | 1656 | The resolution of a GNS name must start in a given start zone |
1657 | indicated to the resolver using any public zone key. | 1657 | indicated to the resolver using any zone key. |
1658 | The local resolver may have a local start zone configured/hard-coded | 1658 | The local resolver may have a local start zone configured/hard-coded |
1659 | which points to a local or remote start zone key. | 1659 | which points to a local or remote start zone key. |
1660 | A resolver client may also determine the start zone from the | 1660 | A resolver client may also determine the start zone from the |
@@ -1674,7 +1674,7 @@ q := SHA512 (HDKD-Public(zk, label)) | |||
1674 | GNS clients MUST first try to interpret the top-level domain of | 1674 | GNS clients MUST first try to interpret the top-level domain of |
1675 | a GNS name as a zone key representation (i.e. a zTLD). | 1675 | a GNS name as a zone key representation (i.e. a zTLD). |
1676 | If the top-level domain is indicated to be a label representation of | 1676 | If the top-level domain is indicated to be a label representation of |
1677 | a public zone key with a supported zone type value, the root zone of | 1677 | a zone key with a supported zone type value, the root zone of |
1678 | the resolution process is implicitly given by the suffix of the name: | 1678 | the resolution process is implicitly given by the suffix of the name: |
1679 | </t> | 1679 | </t> |
1680 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 1680 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
@@ -2157,12 +2157,12 @@ NICK: john (Supplemental) | |||
2157 | <name>Label Guessing</name> | 2157 | <name>Label Guessing</name> |
2158 | <t> | 2158 | <t> |
2159 | Record blocks are published encrypted using keys derived from the | 2159 | Record blocks are published encrypted using keys derived from the |
2160 | zone public key and record label. Zone administrators should | 2160 | zone key and record label. Zone administrators should |
2161 | carefully consider if the label and zone key may be public or if | 2161 | carefully consider if the label and zone key may be public or if |
2162 | those should be used and considered as a shared secret. | 2162 | those should be used and considered as a shared secret. |
2163 | Unlike zone keys, labels can also be guessed by | 2163 | Unlike zone keys, labels can also be guessed by |
2164 | an attacker in the network observing queries and responses. Given | 2164 | an attacker in the network observing queries and responses. Given |
2165 | a known and targeted zone public key, the use of well known or easily guessable | 2165 | a known and targeted zone key, the use of well known or easily guessable |
2166 | labels effectively result in general disclosure of the records to | 2166 | labels effectively result in general disclosure of the records to |
2167 | the public. | 2167 | the public. |
2168 | If the labels and hence the records should be kept secret except to | 2168 | If the labels and hence the records should be kept secret except to |
@@ -2172,7 +2172,7 @@ NICK: john (Supplemental) | |||
2172 | </t> | 2172 | </t> |
2173 | <t> | 2173 | <t> |
2174 | It should be noted that this attack on labels only applies if the | 2174 | It should be noted that this attack on labels only applies if the |
2175 | zone public key is somehow disclosed to the adversary. GNS itself | 2175 | zone key is somehow disclosed to the adversary. GNS itself |
2176 | does not disclose it during a lookup or when resource records are | 2176 | does not disclose it during a lookup or when resource records are |
2177 | published as the zone keys are blinded beforehand. | 2177 | published as the zone keys are blinded beforehand. |
2178 | </t> | 2178 | </t> |