author | Martin Schanzenbach <schanzen@gnunet.org> | 2021-12-22 16:58:15 +0100 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2021-12-22 16:58:15 +0100 |
commit | 252d848b2d9d034d81c8c681dc30b3b0d854e75a (patch) | |
tree | 83a7bf2747c5efcb0c1add95fe78b7ee7767bd3b | |
parent | 79a6958f6c79ff29da1672d0e99777d8d947eda8 (diff) | |
download | lsd0001-252d848b2d9d034d81c8c681dc30b3b0d854e75a.tar.gz lsd0001-252d848b2d9d034d81c8c681dc30b3b0d854e75a.zip |
fixes
-rw-r--r-- | draft-schanzen-gns.xml | 53 |
1 files changed, 25 insertions, 28 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index 307b6fa..f00eb46 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
@@ -167,22 +167,9 @@ | |||
167 | <t> | 167 | <t> |
168 | In GNS, any user may create and manage one or more cryptographically | 168 | In GNS, any user may create and manage one or more cryptographically |
169 | secured zones (<xref target="zones"/>). | 169 | secured zones (<xref target="zones"/>). |
170 | A GNS allows the creation of signatures for zone contents | 170 | A set of cryptographic functions which are determined by the zone type |
171 | using a blinded public/private key pair. | 171 | enable the creation of signatures for zone contents using blinded |
172 | This blinding is realized using a deterministic key | 172 | public/private key pairs and encryption of zone contents. |
173 | derivation from | ||
174 | the original public and private zone keys using record label values. | ||
175 | Specifically, the zone owner can derive private keys for each record | ||
176 | set published under a label, and a | ||
177 | resolver can derive the corresponding public keys. | ||
178 | Without knowledge of the label values and the zone public keys, the | ||
179 | different derivations are unlinkable both to the original key and to each | ||
180 | other. | ||
181 | This prevents zone enumeration and requires knowledge | ||
182 | of both the public zone key and the label to confirm affiliation with a | ||
183 | specific zone. At the same time, the blinded zone public key provides nodes | ||
184 | with the ability to verifiy the integrity of the published information | ||
185 | without disclosing the originating zone. | ||
186 | </t> | 173 | </t> |
187 | <t> | 174 | <t> |
188 | A zone can be populated with mappings from labels to resource records by | 175 | A zone can be populated with mappings from labels to resource records by |
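Review bot: subject-verb agreement on new line 170-171: "A set of cryptographic functions which are determined by the zone type enable the creation of signatures" should read "enables", since the subject is "A set". Also, with the explanation of what blinding is now moved out of this paragraph, the introduction mentions "blinded public/private key pairs" before the term is defined; a short forward reference (e.g. "(see <xref target="publish"/>)") after "blinded" would keep the intro self-contained for a first-time reader.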
@@ -194,10 +181,18 @@ | |||
194 | </t> | 181 | </t> |
195 | <t> | 182 | <t> |
196 | Zone contents are encrypted and signed | 183 | Zone contents are encrypted and signed |
197 | before being published as RRBLOCKs in a distributed key-value storage | 184 | before being published in a distributed key-value storage |
198 | (<xref target="publish"/>). | 185 | (<xref target="publish"/>). |
199 | In this process, unique zone identification is hidden from the network | 186 | In this process, unique zone identification is hidden from the network |
200 | through the use of key blinding. | 187 | through the use of key blinding. |
188 | It allows the creation of signatures for zone contents | ||
189 | using a blinded public/private key pair. | ||
190 | This blinding is realized using a deterministic key | ||
191 | derivation from | ||
192 | the original public and private zone keys using record label values. | ||
193 | Specifically, the zone owner can derive private keys for each record | ||
194 | set published under a label, and a | ||
195 | resolver can derive the corresponding public keys. | ||
201 | It is expected that GNS implementations use distributed or decentralized | 196 | It is expected that GNS implementations use distributed or decentralized |
202 | storages such as distributed hash tables (DHT) in order to facilitate | 197 | storages such as distributed hash tables (DHT) in order to facilitate |
203 | availability within a network without the need of servers. | 198 | availability within a network without the need of servers. |
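Review bot: unclear antecedent on new line 188: "It allows the creation of signatures for zone contents using a blinded public/private key pair." follows a sentence whose subject is "unique zone identification", so "It" reads as referring to the identification rather than to key blinding; suggest "Key blinding allows the creation of signatures ...". Separately, line 184 drops "as RRBLOCKs" from "before being published as RRBLOCKs in a distributed key-value storage"; if RRBLOCK is the term used in the publish section referenced by <xref target="publish"/>, this was the only place the term was introduced in the overview, so check that the later section still defines it on first use.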
@@ -209,6 +204,15 @@ | |||
209 | <t> | 204 | <t> |
210 | Starting from a configurable root zone, names are resolved following zone | 205 | Starting from a configurable root zone, names are resolved following zone |
211 | delegations which are recursively queried from the storage (<xref target="resolution"/>). | 206 | delegations which are recursively queried from the storage (<xref target="resolution"/>). |
207 | Without knowledge of the label values and the zone public keys, the | ||
208 | different derived keys are unlinkable both to the original key and to each | ||
209 | other. | ||
210 | This prevents zone enumeration and requires knowledge | ||
211 | of both the public zone key and the label to confirm affiliation with a | ||
212 | specific zone. At the same time, the blinded zone public key provides | ||
213 | resolvers | ||
214 | with the ability to verify the integrity of the published information | ||
215 | without disclosing the originating zone. | ||
212 | </t> | 216 | </t> |
213 | <t> | 217 | <t> |
214 | In the remainder of this document, the "implementer" refers to the developer building | 218 | In the remainder of this document, the "implementer" refers to the developer building |
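Review bot: the unlinkability text (new lines 207-215) now sits inside the paragraph about root-zone resolution, separated from the key-derivation sentences it refers to ("the different derived keys", lines 188-195 of the previous hunk) by the sentence on zone delegations. The two halves of the blinding explanation belong together; either keep lines 207-215 in the same <t> as lines 188-195 or open a new <t> for them so the resolution paragraph stays on topic. Minor: "resolvers" on line 213 is stranded on its own line and can be joined with line 212 or 214.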
@@ -222,15 +226,10 @@ | |||
222 | <name>Zones</name> | 226 | <name>Zones</name> |
223 | <t> | 227 | <t> |
224 | A zone in GNS is defined by its zone type and zone ID. | 228 | A zone in GNS is defined by its zone type and zone ID. |
225 | The zone type determines a set of cryptographic functions which | ||
226 | enables the creation of signatures for zone contents using a blinded | ||
227 | public/private key pairs and encryption of zone contents. | ||
228 | Further, each zone can be represented by a Zone Top-Level Domain (zTLD) | 229 | Further, each zone can be represented by a Zone Top-Level Domain (zTLD) |
229 | string. | 230 | string. |
230 | </t> | ||
231 | <t> | ||
232 | In this section, the zone type, zone ID, zTLD and zone revocation is | 231 | In this section, the zone type, zone ID, zTLD and zone revocation is |
233 | defined. | 232 | specified. |
234 | </t> | 233 | </t> |
235 | <section anchor="ztype" numbered="true" toc="default"> | 234 | <section anchor="ztype" numbered="true" toc="default"> |
236 | <name>Zone Type</name> | 235 | <name>Zone Type</name> |
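Review bot: line 231-232 is being edited anyway, so fix the pre-existing number agreement while touching it: "In this section, the zone type, zone ID, zTLD and zone revocation is specified." has a plural subject and should read "are specified".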
@@ -246,8 +245,8 @@ | |||
246 | <t> | 245 | <t> |
247 | For any zone, d is the private zone key. zk is the public zone key. | 246 | For any zone, d is the private zone key. zk is the public zone key. |
248 | The specific formats depends on the zone type. | 247 | The specific formats depends on the zone type. |
249 | The default zone delegation record types are specified in | 248 | The creation of zone keys for the default zone types are specificed in |
250 | <xref target="rrecords"/>. | 249 | <xref target="gnsrecords_delegation"/>. |
251 | New zone types may be specified in the future, for example if the | 250 | New zone types may be specified in the future, for example if the |
252 | cryptographic mechanisms used in this document are broken. | 251 | cryptographic mechanisms used in this document are broken. |
253 | Any zone type MUST define the following set of cryptographic functions: | 252 | Any zone type MUST define the following set of cryptographic functions: |
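Review bot: typo carried over with the moved sentence on new line 248: "specificed" should be "specified" (the same misspelling is in the sentence removed at old lines 665-666, so the move copied it). The sentence also has an agreement error: "The creation of zone keys for the default zone types are specified in" should be "is specified", since the subject is "The creation". While here, the unchanged context on line 247, "The specific formats depends on the zone type.", should read "depend".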
@@ -662,8 +661,6 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62] | |||
662 | A GNS implementer MUST provide a mechanism to create and manage resource | 661 | A GNS implementer MUST provide a mechanism to create and manage resource |
663 | records for local zones. A local zone is established by selecting a | 662 | records for local zones. A local zone is established by selecting a |
664 | zone type and creating a zone key pair. | 663 | zone type and creating a zone key pair. |
665 | The creation of zone keys for the default zone types are specificed in | ||
666 | <xref target="gnsrecords_delegation"/>. | ||
667 | As records may be added to each created zone, a (local) persistency | 664 | As records may be added to each created zone, a (local) persistency |
668 | mechanism such as a database for resource records and zones must be provided. | 665 | mechanism such as a database for resource records and zones must be provided. |
669 | This local zone database is used by the name resolution logic and serves | 666 | This local zone database is used by the name resolution logic and serves |
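Review bot: removing the key-creation cross-reference here is fine now that it lives in the zone type section, but the remaining context on line 665 uses lower-case "must be provided" for a requirement on the persistency mechanism, whereas line 661 uses the RFC 2119 keyword "MUST provide"; if the persistency mechanism is a normative requirement, use "MUST" here as well for consistency.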
@@ -2225,7 +2222,7 @@ Number | Name | Contact | References | Comment | |||
2225 | </t> | 2222 | </t> |
2226 | <figure anchor="figure_purposenums"> | 2223 | <figure anchor="figure_purposenums"> |
2227 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 2224 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
2228 | Purpose | Name | References | Description | 2225 | Purpose | Name | References | Comment |
2229 | --------+-----------------+------------+-------------------------- | 2226 | --------+-----------------+------------+-------------------------- |
2230 | 3 | GNS_REVOCATION | [This.I-D] | GNS zone key revocation | 2227 | 3 | GNS_REVOCATION | [This.I-D] | GNS zone key revocation |
2231 | 15 | GNS_RECORD_SIGN | [This.I-D] | GNS record set signature | 2228 | 15 | GNS_RECORD_SIGN | [This.I-D] | GNS record set signature |