document denomination key revocation file format

Christian Grothoff 2017-04-08 19:54:12 +02:00
parent 2948254d49
commit 47d03e227a
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC


@ -1000,7 +1000,6 @@ struct TALER_EXCHANGEDB_PrivateSigningKeyInformationP @{
@node Denomination key storage
@section Denomination key storage
The private denomination keys of the exchange are store in a
subdirectory "denomkeys/" of the "KEYDIR" which is an option in the
"[exchange]" section of the configuration file. "denomkeys/" contains
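Review bot: the context line "The private denomination keys of the exchange are store in a" carries a typo; since this hunk already edits this paragraph, change it to "are stored in a" in the same change.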
@ -1035,6 +1034,43 @@ This is then followed by the variable-size RSA private key in
libgcrypt's S-expression format, which can be decoded using
@cite{GNUNET_CRYPTO_rsa_private_key_decode()}.
@menu
* Revocations::
@end menu
@node Revocations
@subsection Revocations
@cindex payback
@cindex revocation
When an exchange goes out of business or detects that the private
key of a denomination key pair has been compromised, it may revoke
some or all of its denomination keys. At this point, the hashes
of the revoked keys must be returned as part of the @code{/keys} response
under ``payback''. Wallets detect this, and then return unspent
coins of the respective denomination key using the @code{/payback}
API.
When a denomination key is revoked, a revocation file is placed
into the respective subdirectory of ``denomkeys/''. The file has the
same prefix as the file that stores the
@cite{struct TALER_EXCHANGEDB_DenominationKeyInformationP} information,
but is followed by the ``.rev'' suffix. It contains a 64-byte
EdDSA signature made with the master key of the exchange with purpose
@code{TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED}. If such a file
is present, the exchange must check the signature and if it is valid
treat the respective denomination key as revoked.
Revocation files can be generated using the
@code{taler-exchange-keyup} command-line tool using the @code{-r}
option. The Taler auditor will instruct operators to generate
revocations if it detects a key compromise (which is possible more
coins of a particular denomination were deposited than issued).
It should be noted that denomination key revocations should only happen
under highly unusual (``emergency'') conditions and not under normal
conditions.
@node Auditor signature storage
@section Auditor signature storage
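Review bot: the revocation file format in this hunk is underspecified for an implementer: it states that the ``.rev'' file holds a 64-byte EdDSA signature made with the exchange master key with purpose @code{TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED}, but not which message that signature covers (for example, whether it is the hash of the denomination public key that @code{/keys} lists under ``payback'', and whether a purpose header precedes it), so neither the exchange-side check nor an auditor's verifier can be written from this section alone; please state the signed structure or @cite the struct that defines it. Two smaller points in the same paragraphs: "the exchange must check the signature and if it is valid treat the respective denomination key as revoked" should also say what the exchange does when a ``.rev'' file is present but its signature does not verify (refuse to load the key, or abort with an error), because silently ignoring a malformed or tampered revocation file is the failure mode an operator needs to know about; and "which is possible more coins of a particular denomination were deposited than issued" is missing an "if" after "possible".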