[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] sketch: An alternative prop224 authentication mechanism based on curve25519
> On 18 Nov. 2016, at 09:20, David Goulet <dgoulet@xxxxxxxxx> wrote:
>
> On 18 Nov (08:27:53), teor wrote:
>>
>>> On 18 Nov. 2016, at 03:52, David Goulet <dgoulet@xxxxxxxxx> wrote:
>>>
>>>>
>>>> I ended up using the x25519 scheme described above by Nick.
>>>>
>>>> I also ended up dodging the UX questions raised on this thread, by only
>>>> specifying the Tor protocol level details, and leaving the out-of-band
>>>> HS<->client protocol mostly unspecified. I believe that this out-of-band
>>>> protocol and configuration details can be figured out in the future, and
>>>> we should not block on them right now.
>>>
>>> Yes, I believe this is fine. Note that tor-keygen tool is getting another
>>> _very_ important use case here that is the key generation on client side.
>>
>> The tor-keygen tool is not currently included in the Tor Browser bundle.
>> So we would have to add it (or provide an alternate method) for Tor Browser
>> users.
>
> It also does not really exists :). But we have a ticket for it and it's
> very important also for HS offline keys!
Oh right, I had it confused with tor-gencert.
> And yes, I like you idea that TBB should have it included coupled with a
> nice UI for HS auth.
And the Tor Expert Bundle (Windows) so people can run HSs on Windows using
it.
T
--
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev