Re: [tor-bugs] #3507 [Tor Hidden Services]: Allow tor hidden services to delegate to operational public keys
#3507: Allow tor hidden services to delegate to operational public keys
---------------------------------+------------------------------------------
Reporter: pde | Owner: rransom
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor Hidden Services | Version:
Keywords: needs-proposal | Parent:
Points: | Actualpoints:
---------------------------------+------------------------------------------
Changes (by proper):
* cc: adrelanos@… (added)
Comment:
I was about to propose the same. "Allow revocation of hidden service
keys."
That feature is useful if anyone hosts a hidden service on a remote server
not under his control. If the remote server ever gets compromised one way or
another (hacked, malicious, court order, whatever), the user has a chance
to revoke his key and start fresh.
(1) is a real pain, inconvenient and should be avoided unless you want to
see fewer hidden services in future.
(1) is also unnecessary when it's unlikely that the hidden service key
gets compromised, i.e. if Tor runs on a different physical system
than the server software.
My suggestion:
When the hidden service key is created, create a master public key and an
operational key. The master key can at any time revoke the operational
key. All keys (master key, operational key) get stored in the usual
folder. Warn and advise the user to move the master key to multiple
encrypted backups.
Make it an optional feature.
Users who made a backup of the master key can create revocation keys and
new public keys.
If they didn't care to move the master key, the hidden service is lost.
This way it's user-friendly, flexible and secure.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3507#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
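The master/operational key split proposed in the comment above, as an added example by the editor rather than code from the ticket or from Tor: Go with the standard library's Ed25519, where the client pins the master public key as the service's identity, the master signs a certificate delegating to an operational key for a validity window, and a master-signed revocation makes the client reject that key from then on. The Statement and Verifier types, the "hs-op-…" framing of the signed bytes and the sample descriptor are constructed for illustration; how revocations would reach clients, and whether the service address should be derived from the master key, are left open here as they are in the ticket.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Statement is a master-key assertion about an operational key: Kind "cert"
// delegates to OpPub for [NotBefore, NotAfter] (unix seconds), Kind "revoke" withdraws it.
type Statement struct {
	Kind                string
	MasterPub, OpPub    ed25519.PublicKey
	NotBefore, NotAfter int64 // zero for revocations
	Sig                 []byte
}

// tbs is what the master signs; binding Kind prevents cert/revocation replay.
func (s Statement) tbs() []byte {
	return []byte(fmt.Sprintf("hs-op-%s-v0|%x|%x|%d|%d", s.Kind, s.MasterPub, s.OpPub, s.NotBefore, s.NotAfter))
}

func sign(masterPriv ed25519.PrivateKey, s Statement) Statement {
	s.MasterPub = masterPriv.Public().(ed25519.PublicKey)
	s.Sig = ed25519.Sign(masterPriv, s.tbs())
	return s
}

// Operator-side operations: both need the master key, which never has to be on the hosting server.
func IssueCert(masterPriv ed25519.PrivateKey, op ed25519.PublicKey, notBefore, notAfter int64) Statement {
	return sign(masterPriv, Statement{Kind: "cert", OpPub: op, NotBefore: notBefore, NotAfter: notAfter})
}

func IssueRevocation(masterPriv ed25519.PrivateKey, op ed25519.PublicKey) Statement {
	return sign(masterPriv, Statement{Kind: "revoke", OpPub: op})
}

// Verifier is the client: it pins the master key and tracks revoked operational keys.
type Verifier struct {
	Master  ed25519.PublicKey
	revoked map[string]bool
}

func NewVerifier(master ed25519.PublicKey) *Verifier {
	return &Verifier{Master: master, revoked: map[string]bool{}}
}

// check recomputes tbs with the expected kind, so a wrong-kind statement fails like a forgery.
func (v *Verifier) check(s Statement, kind string) error {
	s.Kind = kind
	if !s.MasterPub.Equal(v.Master) {
		return errors.New("statement names a different master key")
	}
	if !ed25519.Verify(v.Master, s.tbs(), s.Sig) {
		return errors.New("bad master signature")
	}
	return nil
}

// AddRevocation accepts a revocation only if the pinned master key signed it.
func (v *Verifier) AddRevocation(r Statement) error {
	if err := v.check(r, "revoke"); err != nil {
		return err
	}
	v.revoked[string(r.OpPub)] = true
	return nil
}

// VerifyDescriptor accepts sig over descriptor only if the signing key was
// certified by the pinned master, is inside its window and is not revoked.
func (v *Verifier) VerifyDescriptor(c Statement, descriptor, sig []byte, now int64) error {
	if err := v.check(c, "cert"); err != nil {
		return err
	}
	if now < c.NotBefore || now > c.NotAfter {
		return errors.New("certificate outside its validity window")
	}
	if v.revoked[string(c.OpPub)] {
		return errors.New("operational key revoked")
	}
	// length check first: ed25519.Verify panics on a malformed key
	if len(c.OpPub) != ed25519.PublicKeySize || !ed25519.Verify(c.OpPub, descriptor, sig) {
		return errors.New("bad descriptor signature")
	}
	return nil
}

func main() {
	_, masterPriv, _ := ed25519.GenerateKey(rand.Reader) // master key: offline backups only
	opPub, opPriv, _ := ed25519.GenerateKey(rand.Reader)  // operational key: on the host
	v := NewVerifier(masterPriv.Public().(ed25519.PublicKey))
	cert, desc := IssueCert(masterPriv, opPub, 1000, 2000), []byte("constructed sample descriptor")
	sig := ed25519.Sign(opPriv, desc)
	fmt.Println("before revocation:", v.VerifyDescriptor(cert, desc, sig, 1500))
	fmt.Println("revocation:", v.AddRevocation(IssueRevocation(masterPriv, opPub)))
	fmt.Println("after revocation:", v.VerifyDescriptor(cert, desc, sig, 1500))
}
```

Two points this makes concrete for anyone evaluating the proposal: the validity window means a leaked operational key stops working on its own once its certificate lapses, so revocation is the fast path rather than the only defence; and the verifier recomputes the signed bytes with the kind it expects, so a master signature over a certificate can never be presented as a revocation (or the reverse) even though both come from the same key.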