On 24 Mar (16:55:57), George Kadianakis wrote:George Kadianakis <desnacked@xxxxxxxxxx> writes:
[ text/plain ] Hello,
so we had a meeting about the future of "Next Generation Hidden Services" aka prop224. It was a good meeting.
We spent most of the time discussing the topics brought up here: https://lists.torproject.org/pipermail/tor-dev/2016-March/010534.html Please read the above mail to get up to speed with the topics of discussion.
<snip>
b) In prop224, why do intro points need to know the "intro point encryption key" and also what's the point of UPDATE-KEYS-SUBCMD?
Nick told us that the main point of UPDATE-KEYS-SUBCMD is that so hidden services can rotate their intro point encryption key periodically, so that they can reset their replay caches.
That's a fair point. The big question here is, is this worth the complexity that MAINT_INTRO and UPDATE-KEYS-SUBCMD add to the protocol logic?
I'm not convinced that this feature is necessary.
I think we should remove it, and if it looks like it's needed later, we can write a separate, small proposal for it that gives reasons why it's needed.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP 968F094B
teor at blah dot im OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
|