docs/submission.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

# Submission

docdoc

## Format

    NAME MAC
    <PEM CHAIN>
    silent-ct:separator
    ...
    <PEM CHAIN>

`NAME`: identifier that the monitor uses to locate the right secret.

`MAC`: HMAC with SHA256 as the hash function, computed for line two and forward.
The HMAC key is derived by the node and the monitor from their shared secret:

    hkdf := hkdf.New(sha256.New, SECRET, []byte("silent-ct"), NAME)
    key := make([]byte, 16)
    io.ReadFull(hkdf, key)

`<PEM CHAIN>`: certificate chain in PEM format the node considers legitimate.