[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Improved HS key management



On Sat, Dec 28, 2013 at 4:15 PM, grarpamp <grarpamp@xxxxxxxxx> wrote:
> On Sat, Dec 28, 2013 at 6:46 AM, Gregory Maxwell <gmaxwell@xxxxxxxxx> wrote:
>> One of the current unfortunate properties of hidden services is that
>> the identity of the hidden service is its public key (or the
>
>> This is pretty bad for prudent key management— the key is very high
>> value because its difficult to change, and then stuck always online
>
> It's not difficult to change, you just change it.
> I'm pretty sure there's a ticket open involving most of this key
> management stuff, you could add any missing concepts to it.
> It's been on the list before too. And there's a second gen draft
> proposal on tor-dev/torspec.

Here's the latest version:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt

And see also:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/220-ecc-id-keys.txt

Comments solicited on the tor-dev list!  The best time to get all of
this design stuff right is soon, since I'm hoping to start building it
before too much longer.

peace,
-- 
Nick
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk