[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #6088 [Tor]: Gather data about possible transition to 2048bit RSA/DHE

Subject: Re: [tor-bugs] #6088 [Tor]: Gather data about possible transition to 2048bit RSA/DHE
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 12 Mar 2014 14:50:50 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 12 Mar 2014 10:51:07 -0400
In-reply-to: <047.dedab1dbf07764d489f536f884303d26@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.dedab1dbf07764d489f536f884303d26@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#6088: Gather data about possible transition to 2048bit RSA/DHE
-------------------------+-------------------------------------------------
     Reporter:  ioerror  |      Owner:  ioerror
         Type:           |     Status:  new
  enhancement            |  Milestone:  Tor: 0.2.6.x-final
     Priority:  normal   |    Version:  Tor: unspecified
    Component:  Tor      |   Keywords:  tor-relay needs-analysis needs-
   Resolution:           |  proposal
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+-------------------------------------------------
Changes (by nickm):

 * milestone:  Tor: 0.2.5.x-final => Tor: 0.2.6.x-final


Comment:

 Fine punting to 0.2.6. (The backport will be that it either works or it
 doesn't.)

 AFAICT, it doesn't do us any good to make the RSA link certificates longer
 unless we do it as part of some kind of effort like prop220.

 Argument: Since we're using an adequate EC group for our ECDHE, we get
 forward secrecy except against an active MITM. But any MITM that's enabled
 by RSA1024  would work just as well if we increased the link key size to
 2048 bits, since the identity key size is still RSA1024 until we implement
 proposal 220.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6088#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #10168 [Tor]: Use monotonic clocks for time as appropriate
Next by Author: Re: [tor-bugs] #9683 [Tor]: circuit_unlink_all_from_channel() is a performance bottleneck?
Previous by thread: Re: [tor-bugs] #6088 [Tor]: Gather data about possible transition to 2048bit RSA/DHE
Next by thread: Re: [tor-bugs] #6088 [Tor]: Gather data about possible transition to 2048bit RSA/DHE
Index(es):
- Author
- Thread