[tor-bugs] #12254 [Tor]: Tonga should sign its bridge networkstatus doc? Or maybe change format to v3-style vote?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Aug 7 05:20:28 UTC 2014
#12254: Tonga should sign its bridge networkstatus doc? Or maybe change format to
v3-style vote?
-------------------------+-------------------------------------------------
Reporter: arma | Owner:
Type: | Status: new
enhancement | Milestone: Tor: unspecified
Priority: normal | Version:
Component: Tor | Keywords: bridgedb-parsers, metrics-db,
Resolution: | bridgeauth,
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------------------
Comment (by isis):
Replying to [comment:3 shamrock]:
> Replying to [comment:1 isis]:
> [...]
> > '''2a. Make the BridgeAuth sign''', or,
> >
> > So far, I only care about this one.
>
> If you choose to implement 2a., may I recommend for the new design to
permit storing the signing keys and performing the signature operations on
an HSM? Even if the initial iteration of the implementation does not
leverage hardware-protected cryptographic keys.
I actually do not know how general support for all HSM devices could be
implemented trivially. For the TPM world, I believe the standard is to use
`libtrousers`. However this would be a different set of ''major'' changes
to tor to add such support, and so, if it were to be done, I think it
warrants its own ticket (and discussion).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12254#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list