diff options
-rw-r--r-- | doc/api.md | 5 | ||||
-rw-r--r-- | doc/design.md | 8 |
2 files changed, 10 insertions, 3 deletions
@@ -325,7 +325,8 @@ Input: above signature. The key is encoded as defined in [RFC 8032, section 5.1.2](https://tools.ietf.org/html/rfc8032#section-5.1.2), then hex-encoded. - `domain_hint`: domain name indicating where `tree_leaf.key_hash` can be found - as a DNS TXT resource record with hex-encoding. + as a DNS TXT resource record with hex-encoding. The left-most label must be + set to `_sigsum_v0`. Output on success: - None @@ -344,7 +345,7 @@ $ echo "shard_hint=1633039200 checksum=315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3 signature=0b849ed46b71b550d47ae320a8a37401129d71888edcc387b6a604b2fe1579e25479adb0edd1769f9b525d44b843ac0b3527ea12b8d9574676464b2ec6077401 verification_key=46a6aaceb6feee9cb50c258123e573cc5a8aa09e5e51d1a56cace9bfd7c5569c -domain_hint=example.com" | curl --data-binary @- <base url>/sigsum/v0/add-leaf +domain_hint=_sigsum_v0.example.com" | curl --data-binary @- <base url>/sigsum/v0/add-leaf ``` ### 3.8 - add-cosignature diff --git a/doc/design.md b/doc/design.md index 439f8c5..85e0ea3 100644 --- a/doc/design.md +++ b/doc/design.md @@ -347,7 +347,13 @@ A signer's domain hint is not part of the logged leaf because key management is more complex than that. A separate project should focus on transparent key management. Our work is about transparent _key-usage_. -We are considering if additional anti-spam mechanisms should be supported. +A signer's domain hint must have the left-most label set to `_sigsum_v0` to +reduce the space of valid DNS TXT RRs that the log needs to permit queries for. +See further details in the + [proposal](https://git.sigsum.org/sigsum/tree/doc/proposals/2022-01-domain-hint) +that added this criteria. + +We are considering if additional anti-spam mechanisms should be supported in v1. #### 4.3 - What is the point of having a shard hint? Unlike TLS certificates which already have validity ranges, a checksum does not |