++ 20/01/16 21:59 +0000 - Oskar Wendel: >> [2] OK. Not entirely true, maybe. It may be possible to include those >> key in some listing of the directory authorities marking them as bad >> nodes. This is a manual process. > >There should be a possibility to automate this process. Something like... Yes. Just to make sure: this would solve only the problem that a key of HS may become compromised and some way of revocation should be available. It doesn't solve the other issues (as, making sure that some key actually does belong to the intended/expected owner). >1. HS owner realizes that his HS key has been stolen (but he still has >his copy) > >2. HS owner creates the "revocation message" for the onion address, signs >it with his key and submits it to the DHT the same way a HS descriptor >is uploaded The owner could create the revocation message right away and store it somewhere safe, just to make sure that if the key is stolen ánd deleted, the owner can still create a revocation certificate. -- Rejo Zenger E rejo@xxxxxxxxx | P +31(0)639642738 | W https://rejo.zenger.nl T @rejozenger | J rejo@xxxxxxxxx OpenPGP 1FBF 7B37 6537 68B1 2532 A4CB 0994 0946 21DB EFD4 XMPP OTR 271A 9186 AFBC 8124 18CF 4BE2 E000 E708 F811 5ACF Signal 05 EB 38 5C 01 0B 55 6A 19 69 E1 EF C2 99 89 EC 9C E4 88 3C 6F E3 7D 58 61 9B 32 E8 DB 9F ED 1B 2A
Attachment:
signature.asc
Description: PGP signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk