[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5968 [Tor Relay]: Improve onion key management
#5968: Improve onion key management
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner:
Type: enhancement | Status: new
Priority: major | Milestone: Tor: unspecified
Component: Tor Relay | Version:
Keywords: | Parent: #5456
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by nickm):
The background assumption here is apparently an attacker who can steal
identity keys, but who can't/won't mess with running servers otherwise, or
who is likelier to get caught if they do.
This part makes good sense, and requires no spec change:
> As a best practice behavior, a relay should check that the onion key it
tried to publish is actually the one it sees in the consensus in which it
appears.
This part is probably not feasible:
> The onion key should also be what authenticates the TLS key (rather than
the identity key, as it is now).
(because onion keys are not signing keys)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5968#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs