Directory authority key certificates
Directory authorities create key certificates to certify
their medium-term signing keys (KP_auth_sign_rsa
)
with their long-term authority identity keys (KP_auth_id_rsa
).
An authority key certificate is a netdoc. Authority key certificates can appear as a sub-section of other documents, notably network status votes.
Authorities MUST generate a new signing key and corresponding certificate before the key expires.
Authority key certificate items
dir-key-certificate-version
— Introduce an auth key cert
dir-key-certificate-version
version ..- At start, exactly once
States the protocol version of the key certificate.
version
MUST be 3
.
Implementations MUST reject formats they don’t understand.
dir-address
— Public directory service address
dir-address
address:port ..- At most once
The IP address and TCP port at which this authority serves directory requests over HTTP,
fingerprint
— authority identity, H(KP_auth_id_rsa)
fingerprint
fingerprint ..- Exactly once.
fingerprint is SHA1(DER(KP_auth_id_rsa)), in uppercase hex.
dir-identity-key
— authority identity key, KP_auth_id_rsa
dir-identity-key
- key_ Object,
RSA PUBLIC KEY
- Exactly once.
- No extra arguments
The long-term authority identity key KP_auth_id_rsa for this authority. key is a DER PKCS#1 RSAPublicKey structure encoded as an Object.
This key SHOULD be at least 2048 bits long; it MUST NOT be shorter than 1024 bits.
dir-key-published
— Certificate generation time
dir-key-published
date time ..- Exactly once.
date and time are as for
published
in a router descriptor.
The time when this document and corresponding key were last generated.
Implementations SHOULD reject certificates that are published too far in the future, though they MAY tolerate some clock skew.
dir-key-expires
– Certificate expiry time
dir-key-expires
date time ..- Exactly once.
The time after which this certificate is no longer valid.
date and time are
as for dir-key-published
.
Implementations SHOULD reject expired certificates, though they MAY tolerate some clock skew.
dir-signing-key
— Signing key, KP_auth_sign_rsa
dir-signing-key
- key_ Object,
RSA PUBLIC KEY
- Exactly once
- No extra arguments.
The directory server’s public signing key KP_auth_sign_rsa
.
This key MUST be at least 1024 bits, and MAY be longer.
dir-key-crosscert
— Cross-certificate by KP_auth_sign_rsa
dir-key-crosscert
- CrossSignature, Object
ID SIGNATURE
orSIGNATURE
- Exactly once.
- No extra arguments.
CrossSignature is a signature, made using the certificate’s signing
key KP_auth_sign_rsa
, of the PKCS1-padded hash of the certificate’s
identity key: SHA1(DER(KP_auth_id_rsa))
.
For backward compatibility with broken versions of the
parser, we wrap the base64-encoded signature in
-----BEGIN ID SIGNATURE----
and -----END ID SIGNATURE-----
tags.
Implementations
MUST allow the “ID “ portion to be omitted, however.
Implementations MUST verify that the signature is a correct signature of the hash of the identity key using the signing key.
dir-key-certification
— Signature
dir-key-certification
- RSA signature of the document by KP_auth_id_rsa.
- At end, exactly once.
- No extra argument.