[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] documentation for new offline master key functionality (--keygen is undocumented)




>>>> Is the offline master key limited to ed25519 keys and useless
>>>>> while using ed25519 + RSA keys at the same time? (because the
>>>>> RSA key is not offline?)
>>> Hmmm. Probably yes. Until transition (until we remove permanently
>>> RSA identities) only the ed25519 key will be protected, RSA key
>>> will have to be online. Even in this case, directory authorities
>>> remember relays by their ed25519 + RSA pair of identities. If
>>> just one of them changes, that relay will be rejected.
>> Ok, so I guess the only reason to use offline master keys now is to
>> not have to start from scratch once RSA keys are deprecated for
>> real.
> 
> A compromised relay's RSA key can't be used to run another relay
> without the corresponding offline ed25519 key. (I am assuming that a
> RSA key with a missing ed25519 key is treated the same as a RSA key
> with a different ed25519 key: the authorities reject the relay with
> the missing ed25519 key from the consensus.)
> 
> This is a good reason to use offline ed25519 master keys, which
> doesn't relay on RSA keys being deprecated/removed.

According to tor's changelog, key pinning is not enforced currently
(changelog of 0.2.7.3-rc):

https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=release-0.2.7#n89

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev