Improve terminology and documentationmain

author: Rasmus Dahlberg <rasmus@rgdd.se> 2024-06-01 15:35:45 +0200
committer: Rasmus Dahlberg <rasmus@rgdd.se> 2024-06-02 13:04:04 +0200
commit: 62f94ac6a1404834ac6f0723ef57e25fcd5e67f9 (patch)
tree: 5a70ce3dec39229d37816dafed0d944016c1dd54 /docs/feedback.md
parent: 279de6a1195adb739a8d1f2afb445b68793b28b8 (diff)
1 files changed, 23 insertions, 0 deletions
diff --git a/docs/feedback.md b/docs/feedback.md
new file mode 100644
index 0000000..d79d57f
--- /dev/null
+++ b/docs/feedback.md
@@ -0,0 +1,23 @@
+# Feedback
+
+This document describes the integrity-protected file format that a trusted
+system uses when making legitimately issued certificates available to a monitor.
+
+## Format
+
+    NAME MAC
+    <CERTIFICATE CHAIN>
+    ...
+    <CERTIFICATE CHAIN>
+
+`NAME`: identifier that the monitor uses to locate the shared secret.
+
+`MAC`: HMAC with SHA256 as the hash function, computed for line two and forward.
+The shared HMAC key is derived as follows by the trusted system and the monitor:
+
+    hkdf := hkdf.New(sha256.New, SECRET, []byte("silentct"), NAME)
+    key := make([]byte, 16)
+    io.ReadFull(hkdf, key)
+
+`<CERTIFICATE CHAIN>`: certificate chain in PEM format that the trusted system
+considers legitimate.  Can be repeated, then delimited by "silentct:separator".
author	Rasmus Dahlberg <rasmus@rgdd.se>	2024-06-01 15:35:45 +0200
committer	Rasmus Dahlberg <rasmus@rgdd.se>	2024-06-02 13:04:04 +0200
commit	62f94ac6a1404834ac6f0723ef57e25fcd5e67f9 (patch)
tree	5a70ce3dec39229d37816dafed0d944016c1dd54 /docs/feedback.md
parent	279de6a1195adb739a8d1f2afb445b68793b28b8 (diff)