[tor-bugs] #3507 [Tor Hidden Services]: Allow tor hidden services to delegate to operational public keys

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Fri Jul 8 16:39:33 UTC 2011 

#3507: Allow tor hidden services to delegate to operational public keys
---------------------------------+------------------------------------------
 Reporter:  pde                  |          Owner:  rransom
     Type:  enhancement          |         Status:  new    
 Priority:  normal               |      Milestone:         
Component:  Tor Hidden Services  |        Version:         
 Keywords:                       |         Parent:         
   Points:                       |   Actualpoints:         
---------------------------------+------------------------------------------

Comment(by rransom):

 Replying to [comment:2 pde]:
 > One significant design decision when implementing this feature will be
 how to handle rollovers in the operational key.  Three types of solutions
 would be (1) delegations that expire after a standard period of time; (2)
 having the client poll for revocations; (3) letting the hidden service key
 push revocations.
 >
 > (3) sounds most elegant but I don't understand the hidden service
 descriptor DHT sufficiently to know whether it could be implemented in an
 easy and reliable way.
 >
 > (1) is a total pain for hidden service operators that should be avoided
 if possible.
 >
 > One way that (2) could be implemented is that hidden service descriptors
 could include a second, ordinary .onion address that may be polled for
 revocation information.

 Our current HSDir system stores hidden service descriptors only in memory,
 and only for up to 48 hours (normally only about 24 hours, and I wouldn't
 count on being able to republish the same descriptor for more than about
 12 hours).  The only option that might be backwards-compatible with our
 current HS directory system is (1), and that's not actually so bad (you
 would need only one or two pre-computed signed descriptors for each
 12-hour period).

 I'm inclined to stick with (1) even when we design a new HS protocol and
 directory system -- the space cost for enough information to reconstitute
 a ‘delegation certificate’ should be quite tiny.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3507#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list