
Re: [tor-bugs] #13407 [Tor bundles/installation]: Transition smoothly away from Erinn's signing key for the coming releases



#13407: Transition smoothly away from Erinn's signing key for the coming releases
------------------------------------------+--------------------------------
     Reporter:  gk                        |      Owner:  erinn
         Type:  task                      |     Status:  new
     Priority:  normal                    |  Milestone:
    Component:  Tor bundles/installation  |    Version:
   Resolution:                            |   Keywords:  security,
Actual Points:                            |  usability
       Points:                            |  Parent ID:
------------------------------------------+--------------------------------

Comment (by nickm):

 A few stupid thoughts as I am distracted from other things:

 There doesn't need to be a single unitary solution here.  Suppose that
 we believe that what we'd really like to do (were usability not an issue)
 is sign everything using threshold postquantum signatures over blake2 +
 cubehash, with a drum solo to drive away the evil spirits. And suppose
 that from a usability POV we have no idea how to make that usable, and we
 think that we need to do gpg signatures for the foreseeable future if we
 want any hope of users actually checking these things.

 What stops us from doing both?  Give people a high-security way to check
 packages and a high-usability way if we don't believe we can make a single
 way that has both properties.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13407#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online