[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3507 [Tor Hidden Services]: Allow tor hidden services to delegate to operational public keys



#3507: Allow tor hidden services to delegate to operational public keys
---------------------------------+------------------------------------------
 Reporter:  pde                  |          Owner:  rransom
     Type:  enhancement          |         Status:  new    
 Priority:  normal               |      Milestone:         
Component:  Tor Hidden Services  |        Version:         
 Keywords:                       |         Parent:         
   Points:                       |   Actualpoints:         
---------------------------------+------------------------------------------

Comment(by pde):

 One significant design decision when implementing this feature will be how
 to handle rollovers in the operational key.  Three types of solutions
 would be (1) delegations that expire after a standard period of time; (2)
 having the client poll for revocations; (3) letting the hidden service key
 push revocations.

 (3) sounds most elegant but I don't understand the hidden service
 descriptor DHT sufficiently to know whether it could be implemented in an
 easy and reliable way.

 (1) is a total pain for hidden service operators that should be avoided if
 possible.

 One way that (2) could be implemented is that hidden service descriptors
 could include a second, ordinary .onion address that may be polled for
 revocation information.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3507#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs