[tor-commits] [torspec] 13/19: Document that keypairs should not double up roles, with example
gitolite role
git at cupani.torproject.org
Thu Jan 19 15:21:31 UTC 2023
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main
in repository torspec.
commit e1ee12e8107dd91599019eea84600666763e478c
Author: Ian Jackson <ijackson at chiark.greenend.org.uk>
AuthorDate: Tue Jan 17 18:22:08 2023 +0000
Document that keypairs should not double up roles, with example
---
tor-spec.txt | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tor-spec.txt b/tor-spec.txt
index c21fe49..8179a9d 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -277,6 +277,11 @@ see tor-design.pdf.
We write KP_relayid to refer to a key which is either
KP_relayid_rsa or KP_relayid_ed.
+ The same key or keypair should never be used for separate roles within
+ the Tor protocol suite, unless specifically stated. For example,
+ a relay's identity keys K_relayid should not also be used as the
+ identity keypair for a hidden service K_hs_id (see rend-spec-v3.txt).
+
2. Connections
Connections between two Tor relays, or between a client and a relay,
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the tor-commits
mailing list