From: Zooko O'Whielacronx Date: Sat, 11 Aug 2007 16:45:03 +0000 (-0700) Subject: foolscap: change using-foolscap.xhtml to say "public key" instead of "private key" X-Git-Url: https://git.rkrishnan.org/pf/content/en/seg/provisioning?a=commitdiff_plain;h=3bc708529f6a64cbfe472f485c697aeff380ea9d;p=tahoe-lafs%2Ftahoe-lafs.git foolscap: change using-foolscap.xhtml to say "public key" instead of "private key" In the first instance, I hope that the tubid is generated from the hash of the public key and not the hash of the private key! In the latter instances, the phrase "public key" as in "public key certificate" is more common. --- diff --git a/src/foolscap/doc/using-foolscap.xhtml b/src/foolscap/doc/using-foolscap.xhtml index 9ddc88ce..ade5a60d 100644 --- a/src/foolscap/doc/using-foolscap.xhtml +++ b/src/foolscap/doc/using-foolscap.xhtml @@ -145,10 +145,10 @@ listen on a port, and tell it the protocol/hostname/portnumber at which that port is accessibly to the outside world.

In general, the Tub will generate its own identity, the TubID, by -creating an SSL private key certificate and hashing it into a suitably-long +creating an SSL public key certificate and hashing it into a suitably-long random-looking string. This is the primary identifier of the Tub: everything else is just a location hint that suggests how the Tub might be -reached. The fact that the TubID is tied to the private key allows FURLs to +reached. The fact that the TubID is tied to the public key allows FURLs to be secure references (meaning that no third party can cause you to connect to the wrong reference). You can also create a Tub with a pre-existing certificate, which is how Tubs can retain a persistent identity @@ -236,7 +236,7 @@ application.

Using a persistent certificate

-

The Tub uses a TLS private-key certificate as the base of all its +

The Tub uses a TLS public-key certificate as the base of all its cryptographic operations. If you don't give it one when you create the Tub, it will generate a brand-new one.