[tor-dev] Alternative directory format for v3 client auth

George Kadianakis desnacked at riseup.net
Wed Aug 8 16:25:22 UTC 2018

George Kadianakis <desnacked at riseup.net> writes:

> Hello haxxpop and David,
> here is a patch with an alternative directory format for v3 client auth
> crypto key bookkeeping as discussed yesterday on IRC:
>        https://github.com/torproject/torspec/pull/23
> Thanks for making me edit the spec because it made me think of various
> details that had to be thought of.

Hello again,

there have been many discussions about client auth since that last email
a month ago. Here is a newer branch that we want to get merged so that
we proceed with implementation: https://github.com/torproject/torspec/pull/33

The first commit is the same as in the original post, and all subsequent
commits are improvements on top of it.

Here are a few high-level changes that were made after discussion:

- Ditched intro auth for now, since descriptor auth is sufficient for
  our threat model, and trying to support two different auth types would
  complicate things.

- Opted for a KISS design for now where we don't ask Tor to generate
  client auth keys neither on the client side or on the service side.
  For now we assume that client/service-side generated their keys with
  an external tool, and we will build such tools in the future, instead
  of spending too much time bikeshedding about it right now.

- Client auth is enabled if the client auth directory is populated with
  the right files, instead of relying on torrc switches etc.

Furthermore, the last three commits are quick mainly-cosmetic changes I
did alone before posting this here. Inform me if you don't like those.

I'll let this simmer here for a few days before merging it in torspec.
Let me know if you have questions! Thanks for reading!

More information about the tor-dev mailing list