Re: [tor-bugs] #12254 [Tor]: Tonga should sign its bridge networkstatus doc? Or maybe change format to v3-style vote?

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#12254: Tonga should sign its bridge networkstatus doc? Or maybe change format to
v3-style vote?
-------------------------+-------------------------------------------------
     Reporter:  arma     |      Owner:
         Type:           |     Status:  new
  enhancement            |  Milestone:  Tor: unspecified
     Priority:  normal   |    Version:
    Component:  Tor      |   Keywords:  bridgedb-parsers, metrics-db,
   Resolution:           |  bridgeauth,
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+-------------------------------------------------

Comment (by isis):

 Replying to [comment:3 shamrock]:
 > Replying to [comment:1 isis]:
 > [...]
 > >  '''2a. Make the BridgeAuth sign''', or,
 > >
 > >         So far, I only care about this one.
 >
 > If you choose to implement 2a., may I recommend for the new design to
 permit storing the signing keys and performing the signature operations on
 an HSM? Even if the initial iteration of the implementation does not
 leverage hardware-protected cryptographic keys.

 I actually do not know how general support for all HSM devices could be
 implemented trivially. For the TPM world, I believe the standard is to use
 `libtrousers`. However this would be a different set of ''major'' changes
 to tor to add such support, and so, if it were to be done, I think it
 warrants its own ticket (and discussion).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12254#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs