[tor-talk] Improved HS key management
Nick Mathewson
nickm at alum.mit.edu
Sun Dec 29 18:38:01 UTC 2013
On Sat, Dec 28, 2013 at 4:15 PM, grarpamp <grarpamp at gmail.com> wrote:
> On Sat, Dec 28, 2013 at 6:46 AM, Gregory Maxwell <gmaxwell at gmail.com> wrote:
>> One of the current unfortunate properties of hidden services is that
>> the identity of the hidden service is its public key (or the
>
>> This is pretty bad for prudent key management— the key is very high
>> value because its difficult to change, and then stuck always online
>
> It's not difficult to change, you just change it.
> I'm pretty sure there's a ticket open involving most of this key
> management stuff, you could add any missing concepts to it.
> It's been on the list before too. And there's a second gen draft
> proposal on tor-dev/torspec.
Here's the latest version:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt
And see also:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/220-ecc-id-keys.txt
Comments solicited on the tor-dev list! The best time to get all of
this design stuff right is soon, since I'm hoping to start building it
before too much longer.
peace,
--
Nick
More information about the tor-talk
mailing list