[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
From: "Sebastian G. <bastik.tor>" <bastik.tor@xxxxxxxxxxxxxx>
Date: Tue, 13 Aug 2013 20:54:57 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 13 Aug 2013 14:55:12 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=DFIBvateCPdXrP9JdWGICEbbUh/kqZWI4hnfYl/NSVA=; b=iip/NiuBvedx+LknNQOCCFtqSvb8kfmJf3T6T33Shj+OHNdd5ecYhZ6AdV6CFG74qU 28sl9JYqzQ7S3Pyuz/JAAb3H9S/n6UD3GTirmm/tRU9E20R6jiCnnKevY04LMNGO0PZQ uGxx4jTh+XHgeeb9XCAf2czQuc2hzO3mu9JHDHK9B0FqVnUs8pQ4fZWL2zKcFclLumkp y5C03IcB0MthXoeM4M3E+HMcTqWW0i/LDJn6EG1SXB3LTRezt3HECMMDLLkfC7jjKVkM 3acq8TSG++f+nj9gOmizzTrxYH1vMny29KbtHSqIeqC7bAaQlnxevV4+Gw65J7Qt6TWc peFA==
In-reply-to: <CAKDKvuzYUFMQFQJ=wn45oTVfPfw-0Ak8T95eh7SN6vWnf6Xhyg@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CAKDKvuzYUFMQFQJ=wn45oTVfPfw-0Ak8T95eh7SN6vWnf6Xhyg@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7

13.08.2013 Nick Mathewson:
> 6. Naming nodes in the interface
> 
>    Anywhere in the interface that takes an $identity should be able to
>    take an ECC identity too.  ECC identities are case-sensitive base64
>    encodings of Ed25519 identity keys. You can use $ to indicate them as
>    well; we distinguish RSA identity digests length.
> 
>    When we need to indicate an Ed25519 identity key in an hostname
>    format (as in a .exit address), we use the lowercased version of the
>    name, and perform a case-insensitive match.  (This loses us one bit
>    per byte of name,

Did you plan to use a closing bracket or is something missing?

>    Nodes must not list Ed25519 identities in their family lines; clients
>    and authorities must not honor them there.

Why not including them in their family lines? Clients and Authorities
still can ignore them.

>    Clients shouldn't accept .exit addresses with Ed25519 names on SOCKS
>    or DNS ports by default, even when AllowDotExit is set.

Do you suggest a new torrc option or extending AllowDotExit, with 2?

Regards,
Sebastian G.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
  - From: grarpamp
- Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
  - From: Nick Mathewson

References:
- [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
  - From: Nick Mathewson

Prev by Author: Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
Next by Author: Re: [tor-dev] Global semi-passive adversary: suggestion of using expanders
Previous by thread: Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
Next by thread: Re: [tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
Index(es):
- Author
- Thread