[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] HS v3 client authorization types



On 18 May (19:03:09), George Kadianakis wrote:
> Ian Goldberg <iang@xxxxxxxxxxxxxxx> writes:
> 
> > On Thu, May 10, 2018 at 12:20:05AM +0700, Suphanat Chunhapanya wrote:
> >> On 05/09/2018 03:50 PM, George Kadianakis wrote:
> >> > b) We might also want to look into XEdDSA and see if we can potentially
> >> >    use the same keypair for both intro auth (ed25519) and desc auth
> >> (x25519).
> >> 
> >> This will be a great advantage if we can do that because putting two
> >> private keys in the HidServAuth is so frustrating.
> >
> > The private key for intro auth is used to make a signature (that will be
> > different per client), while the private key for desc auth is used to
> > decrypt the descriptor (which will be the same for all clients), no?
> >
> 
> Hm. Both intro auth and desc auth keys are different for each client. In
> the case of desc auth we do that so that we can revoke a client without
> needing to refresh desc auth keys for all other clients.

Following yesterday's discussion on IRC with haxxpop and asn, and some more
today, I worked on a revised version of the spec:

https://gitweb.torproject.org/user/dgoulet/torspec.git/commit/?h=ticket20700_01

Probably will be easier to just read the whole thing instead of the diff:

https://gitweb.torproject.org/user/dgoulet/torspec.git/tree/rend-spec-v3.txt?h=ticket20700_01#n2279

So the idea is that instead of making the HS client/operator have to pass
around portions of a file containing private and public keys, it is to
logically seperate them so that the operator only deals with one single file
when wanting to transmit the keys to a client.

Thoughts?
David

-- 
fbv5H3G6O9hLu6Txl6sNIg/unJ95a7iOi43Afzw8ROs=

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev