[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torspec/master] Note TLS link key size and digest change in prop220

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [torspec/master] Note TLS link key size and digest change in prop220
From: nickm@xxxxxxxxxxxxxx
Date: Thu, 22 Sep 2016 15:12:25 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 22 Sep 2016 11:12:47 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit b2e42644dc39abe6c4960346fd588d8dcd0ab650
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Thu Sep 22 11:12:20 2016 -0400

    Note TLS link key size and digest change in prop220
---
 proposals/220-ecc-id-keys.txt | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/proposals/220-ecc-id-keys.txt b/proposals/220-ecc-id-keys.txt
index 7a21f20..dd063e8 100644
--- a/proposals/220-ecc-id-keys.txt
+++ b/proposals/220-ecc-id-keys.txt
@@ -670,3 +670,11 @@ A.5. Reserved numbers
         6: TLS authentication key certified by Ed25519 signing key
         7: RSA cross-certificate for Ed25519 identity key
 
+
+A.6. Related changes
+
+   As we merge this, proposal, we should also extend link key size to
+   2048 bits, and use SHA256 as the x509 cert algorithm for our link
+   keys. This will improve link security, and deliver better
+   fingerprinting resistence.  See proposal 179 for an older discussion
+   of this issue.

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/maint-0.2.8] Bump to 0.2.8.8-dev.
Next by Author: [tor-commits] [tor/maint-0.2.8] Update hard-coded fallback list based on pre-0.2.9 checks
Previous by thread: [tor-commits] [torspec/master] correct prop244 and make it more specific
Next by thread: [tor-commits] [translation/torbutton-abouttorproperties_completed] Update translations for torbutton-abouttorproperties_completed
Index(es):
- Author
- Thread