Re: [tor-bugs] #5563 [Tor Relay]: Better support for ephemeral relay identity keys
#5563: Better support for ephemeral relay identity keys
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor Relay | Version:
Keywords: | Parent: #5456
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by mikeperry):

arma: I don't think so. I think I'm actually most concerned about our TLS
keys, which I believe are rotated daily. But this rotation doesn't help if
you assume an active adversary operating upstream from you. Can't they
just take whatever keys you create and toss them away and re-sign new ones
they control, using the identity key?

nickm: I don't think relays have as much need for persistent identity as
the dirauths do. At worst, if your OS crashes, you spend a few days being
remeasured by the bandwidth auths... Also, personally I wouldn't want to
deal with the hassle of creating a revocation statement and issuing a new
"relay" key every time my box rebooted. I can barely keep up with rotating
the things manually right now every reboot, hence the ramdisk suggestion
to make it automatic.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5563#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online