[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Improved HS key management

On Sat, Dec 28, 2013 at 1:15 PM, grarpamp <grarpamp@xxxxxxxxx> wrote:
> On Sat, Dec 28, 2013 at 6:46 AM, Gregory Maxwell <gmaxwell@xxxxxxxxx> wrote:
>> One of the current unfortunate properties of hidden services is that
>> the identity of the hidden service is its public key (or the
>> This is pretty bad for prudent key managementâ the key is very high
>> value because its difficult to change, and then stuck always online
> It's not difficult to change, you just change it.
> I'm pretty sure there's a ticket open involving most of this key
> management stuff, you could add any missing concepts to it.
> It's been on the list before too. And there's a second gen draft
> proposal on tor-dev/torspec.

It absolutely is difficult to changeâ you can only "just change it" if
no one uses it.  Otherwise you're chasing people to change addresses
on websites and in software, and the static addresses in people's
bookmarks are vulnerabilitiesâ both if the key falls into an attackers
hands but also because if users become used to the URL just changing
they'll believe it when an attacker DOS attacks the URL while
publishing a new one. Copies of the old name lurk around for years
hitting unsuspecting people, etc.

Sure, it's not the end of the world. Life goes on, and even with good
key management possible, many won't use it.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to