>>>We already distribute different keys for the current protocol. But the one I proposed is insecure so we might as well forget about it. Schnorr signatures are secure and are intended for this purpose, but we can only use them after 2008.
I was suggesting replacing the second key with the new key.the way things are done now, each OR has two public keys in its router descriptor. you are, I think, suggesting that another be added. I was just wondering if you had considered the extra bandwidth load this puts on the directory servers. If the extra load is substantial (maybe it isn't, i don't know), then maybe we shouldn't give the ORs another public key to manage just to save one 1024-bit exponentiation.
-James
ah.. that makes sense to me now.
-James