diff options
| author | Rasmus Dahlberg <rasmus@rgdd.se> | 2023-12-31 09:39:25 +0100 |
|---|---|---|
| committer | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-01-07 20:22:23 +0100 |
| commit | e18d36ebae30536c77c61cd5da123991e0ca1629 (patch) | |
| tree | bf4880c0019a6009ab1b671e23ef4a1a4a5e8e08 /docs/submission.md | |
| parent | 54d980afcbd6f0011d6a162e0003587d26a3e311 (diff) | |
Add drafty prototype
Diffstat (limited to 'docs/submission.md')
| -rw-r--r-- | docs/submission.md | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/docs/submission.md b/docs/submission.md new file mode 100644 index 0000000..357f07a --- /dev/null +++ b/docs/submission.md @@ -0,0 +1,22 @@ +# Submission + +docdoc + +## Format + + NAME MAC + <PEM CHAIN> + silent-ct:separator + ... + <PEM CHAIN> + +`NAME`: identifier that the monitor uses to locate the right secret. + +`MAC`: HMAC with SHA256 as the hash function, computed for line two and forward. +The HMAC key is derived by the node and the monitor from their shared secret: + + hkdf := hkdf.New(sha256.New, SECRET, []byte("silent-ct"), NAME) + key := make([]byte, 16) + io.ReadFull(hkdf, key) + +`<PEM CHAIN>`: certificate chain in PEM format the node considers legitimate. |