[tor-dev] is the consensus document unpredictable / unique?
twim at riseup.net
Sun Jun 26 13:55:03 UTC 2016
> And if the private key is on a smartcard, and the smartcard is plugged
> in the host all the time, what's the gain? I am not saying there isn't
> any, I just don't see it at this moment. One I can think of is that
> malware and/or someone hacking can't copy the private key and hijack the
> hidden service, but the risk remains in case someone physically sizes
> the server ("host").
Not necessarily. If you do a setup which drops power for the smartcard
in case of seizure* (disconnects it) then you're going to be safe™. You
have to have a PIN-protected card for this to work.
* A bit tricky, I know.
More information about the tor-dev