[tor-dev] Proposal 228: Cross-certifying identity keys with onion keys
Nick Mathewson
nickm at alum.mit.edu
Wed Feb 26 16:27:54 UTC 2014
On Wed, Feb 26, 2014 at 3:17 AM, grarpamp <grarpamp at gmail.com> wrote:
>> that key (since you don't have the private key). You _could_ do
>> something weird in the TAP protocol where you .
>>
>
> Seems an editing/thought dropoff up there, it happens.
Sorry, I do that a lot. It happens because I tend to write three or
four sentences at the same time. I start writing one, then realize I
need to write another, so I begin another sentence without finishing
the first. Then it happens again, and I start a third sentence
without finishing the second, and so on. Usually, I finish all the
sentences as I walk back up my stack, but that still leaves more than
a handful unfinished.
In any case, I just expanded that sentence to read:
(You _could_ do something weird in the TAP protocol where you
receive an onionskin that you can't process, relay it to the
party who can process it, and receive a valid reply that you
could send back to the user. But this makes you a less effective
man-in-the-middle than you would be if you had just generated
your own onion key. The ntor protocol shuts down this
possibility by including the router identity in the material to
be hashed, so that you can't complete an ntor handshake unless
the client agrees with you about what identity goes with your
ntor onion key.)
Thanks for catching this,
--
Nick
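The identity binding Nick describes above, as an added example that is not part of the original message or of Tor's own code: a toy ntor-style handshake in which the router identity is mixed into the hashed material, run once with matching identities and once in the "relayed onionskin" situation where the client's idea of the identity differs from the one the responding relay used. The modular DH group, the PROTOID label and the relay identities are assumed stand-ins constructed for the demo, not curve25519 or real Tor values.

```python
import hashlib
import hmac
import secrets

# Toy DH group standing in for ntor's curve25519 (constructed, illustration only):
# the point is the hashing structure, not the group.
P = 2**255 - 19
G = 2
PROTOID = b"toy-ntor-modp-sha256"   # assumed label, modelled on ntor's PROTOID/t_* tags
RELAY_ID = b"A" * 20               # constructed identity of the real relay
MITM_ID = b"M" * 20                # constructed identity the client was told to expect

def H(data: bytes, tweak: bytes) -> bytes:
    return hmac.new(PROTOID + tweak, data, hashlib.sha256).digest()

def enc(n: int) -> bytes:
    return n.to_bytes(32, "big")

def keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def derive(node_id: bytes, B: int, X: int, Y: int, xy: int, xb: int):
    # As in ntor: secret_input = EXP(Y,x) | EXP(B,x) | ID | B | X | Y | PROTOID,
    # so the router identity ID feeds every derived value, including AUTH.
    secret_input = enc(xy) + enc(xb) + node_id + enc(B) + enc(X) + enc(Y) + PROTOID
    verify = H(secret_input, b":verify")
    auth = H(verify + node_id + enc(B) + enc(Y) + enc(X) + PROTOID + b"Server", b":mac")
    return auth, H(secret_input, b":key_extract")

def server_respond(node_id: bytes, b: int, B: int, X: int):
    y, Y = keypair()
    auth, key_seed = derive(node_id, B, X, Y, pow(X, y, P), pow(X, b, P))
    return Y, auth, key_seed

def client_finish(expected_id: bytes, B: int, x: int, X: int, Y: int, auth: bytes):
    want_auth, key_seed = derive(expected_id, B, X, Y, pow(Y, x, P), pow(B, x, P))
    return key_seed if hmac.compare_digest(want_auth, auth) else None

def run_handshake(client_believes_id: bytes, relay_id: bytes) -> bool:
    """Client expects identity `client_believes_id`; the onionskin is actually
    processed by the relay holding onion key B under `relay_id`."""
    b, B = keypair()                     # the real relay's onion key
    x, X = keypair()                     # client's ephemeral key
    Y, auth, server_seed = server_respond(relay_id, b, B, X)
    client_seed = client_finish(client_believes_id, B, x, X, Y, auth)
    return client_seed is not None and client_seed == server_seed

def demo():
    honest = run_handshake(RELAY_ID, RELAY_ID)   # identities agree: completes
    relayed = run_handshake(MITM_ID, RELAY_ID)   # forwarded onionskin: AUTH fails
    return honest, relayed
```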