[tor-bugs] #3507 [Tor Hidden Services]: Allow tor hidden services to delegate to operational public keys
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Jul 26 18:18:22 UTC 2012
#3507: Allow tor hidden services to delegate to operational public keys
---------------------------------+------------------------------------------
Reporter: pde | Owner: rransom
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor Hidden Services | Version:
Keywords: needs-proposal | Parent:
Points: | Actualpoints:
---------------------------------+------------------------------------------
Changes (by proper):
* cc: adrelanos@… (added)
Comment:
I was about to propose the same. "Allow revocation of hidden service
keys."
That feature is useful if anyone hosts a hidden service on a remote server
not under his control. If the remote server ever gets compromised one way or
another (hacked, malicious, court order, whatever), the user has a chance
to revoke his key and start fresh.
(1) is a real pain, inconvenient and should be avoided unless you want to
see fewer hidden services in the future.
(1) is also unnecessary when it's unlikely that the hidden service key
gets compromised, i.e. in case Tor runs on a different physical system
than the server software.
My suggestion:
When the hidden service key is created, create a master public key and an
operational key. The master key can at any time revoke the operational
key. All keys (master key, operational key) get stored in the usual
folder. Warn and advise the user to move the master key to multiple
encrypted backups.
Make it an optional feature.
Users who made a backup of the master key can create revocation keys and
new public keys.
If they didn't care to move the master key, the hidden service is lost.
This way it's user friendly, flexible and secure.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3507#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
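
An added sketch of the master/operational key split suggested in the comment above; it is not part of the original ticket and not Tor's code. The use of Ed25519, the "delegate:" and "revoke:" message formats, and all type and function names are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Hypothetical message format for this sketch (not Tor's): tag || operational public key.
func msg(tag string, op ed25519.PublicKey) []byte { return append([]byte(tag), op...) }
// Revocation: the master key declares one operational key void.
type Revocation struct {
	OpKey ed25519.PublicKey
	Sig   []byte
}
// Descriptor: signed by the operational key, carrying the master's delegation of that key.
type Descriptor struct {
	OpKey                 ed25519.PublicKey
	Delegation, Body, Sig []byte
}

func Publish(master, op ed25519.PrivateKey, body []byte) Descriptor {
	opPub := op.Public().(ed25519.PublicKey)
	return Descriptor{opPub, ed25519.Sign(master, msg("delegate:", opPub)), body, ed25519.Sign(op, body)}
}
func Revoke(master ed25519.PrivateKey, op ed25519.PublicKey) Revocation {
	return Revocation{op, ed25519.Sign(master, msg("revoke:", op))}
}

// Accept is the client-side check; the service identity is the master public key.
func Accept(masterPub ed25519.PublicKey, d Descriptor, revs []Revocation) bool {
	if len(d.OpKey) != ed25519.PublicKeySize ||
		!ed25519.Verify(masterPub, msg("delegate:", d.OpKey), d.Delegation) ||
		!ed25519.Verify(d.OpKey, d.Body, d.Sig) {
		return false
	}
	for _, r := range revs { // only revocations the master key really signed count
		if bytes.Equal(r.OpKey, d.OpKey) && ed25519.Verify(masterPub, msg("revoke:", r.OpKey), r.Sig) {
			return false
		}
	}
	return true
}

func main() {
	masterPub, master, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	opPub, op, _ := ed25519.GenerateKey(nil)
	d := Publish(master, op, []byte("constructed descriptor body"))
	fmt.Println(Accept(masterPub, d, nil), Accept(masterPub, d, []Revocation{Revoke(master, opPub)}))
}
```

Only the operational private key has to be present on the remote server in this sketch; a party holding it cannot produce a revocation or a delegation for a replacement key, because both are checked against the master public key.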