Diffstat (limited to 'draft-schanzen-gns.xml')
-rw-r--r-- | draft-schanzen-gns.xml | 63 |
1 files changed, 49 insertions, 14 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index 7658fa2..a4d94e6 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
@@ -1611,10 +1611,8 @@ q := SHA-512 (ZKDF-Public(zk, label)) | |||
1611 | <dl> | 1611 | <dl> |
1612 | <dt>SIZE</dt> | 1612 | <dt>SIZE</dt> |
1613 | <dd> | 1613 | <dd> |
1614 | A 32-bit value containing the length of the signed data following the | 1614 | A 32-bit value containing the length of the block. |
1615 | PUBLIC KEY field in network byte order. This value always includes the | 1615 | While a 32-bit value is used, |
1616 | length of the fields SIZE (4), PURPOSE (4) and EXPIRATION (8) in | ||
1617 | addition to the length of the BDATA. While a 32-bit value is used, | ||
1618 | implementations MAY refuse to publish blocks beyond a certain | 1616 | implementations MAY refuse to publish blocks beyond a certain |
1619 | size significantly below 4 GB. | 1617 | size significantly below 4 GB. |
1620 | </dd> | 1618 | </dd> |
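Review bot: The new SIZE text ("the length of the block") is less precise than what it replaces and drops the byte-order statement. The old wording said exactly which fields the value counts (SIZE, PURPOSE, EXPIRATION plus BDATA) and that it is in network byte order; the new wording says neither, so an implementer cannot tell whether SIZE counts the SIZE field itself or only the bytes that follow it. Suggest keeping the explicit field list and "in network byte order", e.g. "A 32-bit value in network byte order containing the total length of the block, including the SIZE field itself."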
@@ -1630,19 +1628,13 @@ q := SHA-512 (ZKDF-Public(zk, label)) | |||
1630 | </dd> | 1628 | </dd> |
1631 | <dt>SIGNATURE</dt> | 1629 | <dt>SIGNATURE</dt> |
1632 | <dd> | 1630 | <dd> |
1633 | The signature is computed over the data following | 1631 | The signature is computed over the EXPIRATION and BDATA fields |
1634 | this field. The length and format of the signature depends on the ztype. | 1632 | as detailed in <xref target="figure_rrsigwithpseudo"/>. |
1633 | The length and format of the signature depends on the ztype. | ||
1635 | The signature is created using the Sign() function of | 1634 | The signature is created using the Sign() function of |
1636 | the cryptosystem of the zone and the derived private key | 1635 | the cryptosystem of the zone and the derived private key |
1637 | "ZKDF-Private(d, label)" (see <xref target="zones" />). | 1636 | "ZKDF-Private(d, label)" (see <xref target="zones" />). |
1638 | </dd> | 1637 | </dd> |
1639 | <!--<dt>PURPOSE</dt> | ||
1640 | <dd> | ||
1641 | A 32-bit signature purpose flag. For a RRBLOCK the value of this | ||
1642 | field MUST be 15. The value is encoded in network byte order. | ||
1643 | The value of this field corresponds to an entry in the | ||
1644 | GANA "GNUnet Signature Purpose" registry. | ||
1645 | </dd>FIXME: We need the signature wire format --> | ||
1646 | <dt>EXPIRATION</dt> | 1638 | <dt>EXPIRATION</dt> |
1647 | <dd> | 1639 | <dd> |
1648 | Specifies when the RRBLOCK expires and the encrypted block | 1640 | Specifies when the RRBLOCK expires and the encrypted block |
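Review bot: The new SIGNATURE sentence ("computed over the EXPIRATION and BDATA fields") contradicts the figure it points to, which shows SIZE and PURPOSE as part of the signed data. As written, a reader who follows the prose rather than the figure would omit the pseudo header and produce signatures that do not verify. Suggest "The signature is computed over the pseudo header, EXPIRATION and BDATA fields as detailed in <xref target="figure_rrsigwithpseudo"/>."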
@@ -1659,9 +1651,52 @@ q := SHA-512 (ZKDF-Public(zk, label)) | |||
1659 | </dd> | 1651 | </dd> |
1660 | <dt>BDATA</dt> | 1652 | <dt>BDATA</dt> |
1661 | <dd> | 1653 | <dd> |
1662 | The encrypted RDATA with a total size of SIZE - 16. | 1654 | The encrypted RDATA. Its size is determined by the S-Encrypt() |
1655 | function of the ztype. | ||
1656 | </dd> | ||
1657 | </dl> | ||
1658 | <t> | ||
1659 | The signature over the public key covers a 32-bit pseudo header | ||
1660 | conceptually prefixed to the EXPIRATION and the BDATA fields. | ||
1661 | The wire format is illustrated | ||
1662 | in <xref target="figure_rrsigwithpseudo"/>. | ||
1663 | </t> | ||
1664 | <figure anchor="figure_rrsigwithpseudo"> | ||
1665 | <artwork name="" type="" align="left" alt=""><![CDATA[ | ||
1666 | 0 8 16 24 32 40 48 56 | ||
1667 | +-----+-----+-----+-----+-----+-----+-----+-----+ | ||
1668 | | SIZE | PURPOSE (0x0F) | | ||
1669 | +-----+-----+-----+-----+-----+-----+-----+-----+ | ||
1670 | | EXPIRATION | | ||
1671 | +-----+-----+-----+-----+-----+-----+-----+-----+ | ||
1672 | | BDATA | | ||
1673 | / / | ||
1674 | / / | ||
1675 | +-----+-----+-----+-----+-----+-----+-----+-----+ | ||
1676 | ]]></artwork> | ||
1677 | </figure> | ||
1678 | <t>The Wire Format of the for Signing.</t> | ||
1679 | <dl> | ||
1680 | <dt>SIZE</dt> | ||
1681 | <dd> | ||
1682 | A 32-bit value containing the length of the signed data in bytes | ||
1683 | in network byte order. | ||
1663 | </dd> | 1684 | </dd> |
1685 | <dt>PURPOSE</dt> | ||
1686 | <dd> | ||
1687 | A 32-bit signature purpose flag. For a RRBLOCK the value of this | ||
1688 | field MUST be 15. The value is encoded in network byte order. | ||
1689 | The value of this field corresponds to an entry in the | ||
1690 | GANA "GNUnet Signature Purpose" registry. | ||
1691 | </dd> | ||
1692 | <dt>EXPIRATION</dt> | ||
1693 | <dd> | ||
1694 | Field as defined in the RRBLOCK message above. | ||
1695 | </dd> | ||
1696 | <dt>BDATA</dt> | ||
1697 | <dd>Field as defined in the RRBLOCK message above.</dd> | ||
1664 | </dl> | 1698 | </dl> |
1699 | |||
1665 | <t> | 1700 | <t> |
1666 | A symmetric encryption scheme is used to encrypt the resource records | 1701 | A symmetric encryption scheme is used to encrypt the resource records |
1667 | set RDATA into the BDATA field of a GNS RRBLOCK. | 1702 | set RDATA into the BDATA field of a GNS RRBLOCK. |
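Review bot: The introductory paragraph added at 1659-1660 is wrong in two places relative to the figure below it. It says "The signature over the public key", but the signature is over the block (EXPIRATION and BDATA), not over a public key; and it calls the pseudo header "32-bit", while the figure shows two 32-bit fields (SIZE and PURPOSE) for 64 bits in total. The pseudo-header SIZE definition at 1682 also needs to state whether "the length of the signed data" includes the 8-byte pseudo header itself, since the old RRBLOCK text said it did and the new text is silent. Finally, the caption at 1678 reads "The Wire Format of the for Signing." and is missing a noun ("of the data for signing" or similar); consider a <name> element inside <figure> rather than a trailing <t>, consistent with how other figures in the draft are captioned.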