[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lsd0001] branch master updated: write 'recursion' steps slightly more a
|
From: |
gnunet |
|
Subject: |
[lsd0001] branch master updated: write 'recursion' steps slightly more algorithmically |
|
Date: |
Fri, 30 Jun 2023 23:58:28 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository lsd0001.
The following commit(s) were added to refs/heads/master by this push:
new 6629af6 write 'recursion' steps slightly more algorithmically
6629af6 is described below
commit 6629af680b7dc805eb3c5f2b04b7dda52813dfac
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Jun 30 23:58:23 2023 +0200
write 'recursion' steps slightly more algorithmically
---
draft-schanzen-gns.xml | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index acf67d4..9953e4a 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -2207,24 +2207,24 @@ example.com.gns.alt = zTLD2 := Base32GNS(ztype2||zk2)
<li>Calculate q using the label and zk as defined in
<xref target="blinding" />.</li>
<li>Perform a storage query GET(q) to retrieve the RRBLOCK.</li>
- <li>Verify and process the RRBLOCK and decrypt the BDATA contained
- in it using S-Decrypt() as defined by the zone type effectively
- inverting the process described in <xref target="records_block"
/>.</li>
+ <li>Check that (a) the block is not expired, (b) the SHA-512 hash
+ of the derived authoritative zone key zk' from the RRBLOCK matches
+ the query q, and (c) that the signature is valid. If any of these
+ tests fail, the RRBLOCK <bcp14>MUST</bcp14>
+ be ignored and, if applicable, the storage lookup GET(q)
+ <bcp14>MUST</bcp14> continue to look for other RRBLOCKs.</li>
+ <li>Obtain the RDATA by decrypting the BDATA contained in the
+ RRBLOCK using S-Decrypt() as defined by the zone type,
effectively
+ inverting the process described in <xref target="records_block"
/>.</li>
</ol>
<t>
- Upon receiving the RRBLOCK from the storage, as part of verifying
the
- provided signature, the resolver <bcp14>MUST</bcp14> check that the
SHA-512 hash of the
- derived authoritative zone key zk' from the RRBLOCK matches the
query q
- and that the block is not yet expired.
- If the signature does not match or the block is expired, the
RRBLOCK <bcp14>MUST</bcp14>
- be ignored and, if applicable, the storage lookup GET(q)
<bcp14>MUST</bcp14> continue to
- look for other RRBLOCKs.
+ Once a well-formed block has been decrypted, the records from
+ RDATA are subjected to record processing.
</t>
</section>
<section anchor="record_processing" numbered="true" toc="default">
<name>Record Processing</name>
<t>
- Record processing occurs once a well-formed block has been
decrypted.
In record processing, only the valid records obtained are
considered.
To filter records by validity, the resolver
<bcp14>MUST</bcp14> at least check the expiration time and the
FLAGS field of the
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [lsd0001] branch master updated: write 'recursion' steps slightly more algorithmically,
gnunet <=