Re: [tor-dev] Proposal 284: Hidden Service v3 Control Port

Subject: Re: [tor-dev] Proposal 284: Hidden Service v3 Control Port

Date: Mon, 06 Nov 2017 15:44:26 +0000

Delivery-date: Mon, 06 Nov 2017 10:44:55 -0500

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=OxesqDwG68gtaGj0c+f5P/wo0kKsDr1eIav3upiIQH0=; b=YfQTPRHfK9PQtXpiWPHgmY46KgSC669WHoX6/sBTOaWpaGQa1hNORJyhPwZMbPNqPB 6ihvnD4QxDD8KMEe/Si06ZqAcIxqDqnA2bwLPVPGt6uJpqBRmX6J1MWWggfuSzpGdWQH pOrzMswa4FDiL3MK1QUj3NHxNs8cFvXq43dudcudC5RZVofMJY/GwHuRfM7m6rOKjkSm Frap1APYc93g+5H4ZKQnu2UlVIYh5/uigikCLRgk+FNWpuOpwHOTJ+AwBRwueYo5zKxo A/MCN6LhYbTl3Ia46Ul8QOPg9qJDbyWUkvANsUapXrrpVEcVcZwWFJiv3jOZDFGm+FkZ PQJA==

In-reply-to: <20171106145907.p7dm7dmqpnzlqsmj@raoul>

List-archive: <http://lists.torproject.org/pipermail/tor-dev/>

List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>

List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>

List-post: <mailto:tor-dev@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>

References: <20171106145907.p7dm7dmqpnzlqsmj@raoul>

Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hey David,

Are there any ways of revoking a service's key and should it be included as a control port function? For example, in the case that the master key is kept offline but the host and its descriptor signing key are compromised, the box could be run for a period of time(?) until the keys expire and need to be re-signed. That window could be forcefully closed remotely with a revocation that reports that key as compromised. I don't know how big that window is so I don't know how big of a risk it ends up being.

On Mon, Nov 6, 2017 at 9:59 AM David Goulet <dgoulet@xxxxxxxxx> wrote:

Hi everyone,

Attached is the proposal draft for the hidden service v3 contro port
specification.

The idea with this proposal is to _only_ extend the current commands and
events to v3. Nothing new is added. We can think of more things to add after
but for now, I wanted a baseline to start with that is only extending what
exists.

Any kind of feedbacks is welcome! :)

Cheers!
David

--
Zu3IyL4LcdnKNkQIZqEqaTNUapUEJFdEcN02dPwo5FQ=
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev