[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Using RSA key for signing and for decrypting
- To: or-dev@freehaven.net
- Subject: Using RSA key for signing and for decrypting
- From: Roger Dingledine <arma@mit.edu>
- Date: Tue, 8 Apr 2003 15:51:03 -0400
- Delivered-to: archiver@seul.org
- Delivered-to: or-dev-outgoing@seul.org
- Delivered-to: or-dev@seul.org
- Delivery-date: Tue, 08 Apr 2003 15:51:09 -0400
- Reply-to: or-dev@freehaven.net
- Sender: owner-or-dev@freehaven.net
- User-agent: Mutt/1.2.5.1i
I'm getting around to putting signatures on the directories, now.
Fortunately, the source distribution already comes with a 'dirservers'
file, which includes the public key of each directory server.
This public key is used in handshaking between onion routers and others,
to verify that they are who they should be. (Stuff is encrypted under
the public key, and then they confirm that they could learn it.)
So we're all set: we'll just use this key for signing directories too.
Except I have some vague memory that using the same key for both signing
and crypting is a bad idea. In the interests of simplicity, I'd rather
avoid putting in a second key; can somebody confirm for me that I should,
or can I get away with using the same key?
--Roger