[tor-bugs] #6088 [Tor]: Gather data about possible transition to 2048bit RSA/DHE
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 12 14:50:50 UTC 2014
#6088: Gather data about possible transition to 2048bit RSA/DHE
-------------------------+-------------------------------------------------
Reporter: ioerror | Owner: ioerror
Type: | Status: new
enhancement | Milestone: Tor: 0.2.6.x-final
Priority: normal | Version: Tor: unspecified
Component: Tor | Keywords: tor-relay needs-analysis needs-
Resolution: | proposal
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------------------
Changes (by nickm):
* milestone: Tor: 0.2.5.x-final => Tor: 0.2.6.x-final
Comment:
Fine punting to 0.2.6. (The backport will be that it either works or it
doesn't.)
AFAICT, it doesn't do us any good to make the RSA link certificates longer
unless we do it as part of some kind of effort like prop220.
Argument: Since we're using an adequate EC group for our ECDHE, we get
forward secrecy except against an active MITM. But any MITM that's enabled
by RSA1024 would work just as well if we increased the link key size to
2048 bits, since the identity key size is still RSA1024 until we implement
proposal 220.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6088#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list