Re: [tor-bugs] #3507 [Tor Hidden Services]: Allow tor hidden services to delegate to operational public keys
#3507: Allow tor hidden services to delegate to operational public keys
---------------------------------+------------------------------------------
Reporter: pde | Owner: rransom
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor Hidden Services | Version:
Keywords: | Parent:
Points: | Actualpoints:
---------------------------------+------------------------------------------
Comment(by pde):
Under scheme (1), where the hidden service key is airgapped, and a set of
pre-computed, signed descriptors for the operational key is stored on the
operational server, the tricky question is "how large should that
pre-computed set of descriptors be?".

If it's small, the service operator will have to frequently use their
airgapped system to make new descriptors and install them on the
operational system.

If it's large, then an attacker who compromises the operational system
will be able to keep control (or at least partial control?) of the hidden
service for an extended period of time.

Designs (2) and (3) have the virtue that the operator does not need to
ferry data between their airgapped and operational systems, unless and
until the operational system is compromised.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3507#comment:4>