[tor-bugs] #5968 [Tor Relay]: Improve onion key management
    Tor Bug Tracker & Wiki 
    torproject-admin at torproject.org
       
    Mon Jun 11 21:11:06 UTC 2012
    
    
  
#5968: Improve onion key management
-------------------------+--------------------------------------------------
 Reporter:  mikeperry    |          Owner:                  
     Type:  enhancement  |         Status:  new             
 Priority:  major        |      Milestone:  Tor: unspecified
Component:  Tor Relay    |        Version:                  
 Keywords:               |         Parent:  #5456           
   Points:               |   Actualpoints:                  
-------------------------+--------------------------------------------------
Comment(by nickm):
 The background assumption here is apparently an attacker who can steal
 identity keys, but who can't/won't mess with running servers otherwise, or
 who is likelier to get caught if they do.
 This part makes good sense, and requires no spec change:
 > As a best practice behavior, a relay should check that the onion key it
 > tried to publish is actually the one it sees in the consensus in which it
 > appears.
 This part is probably not feasible:
 > The onion key should also be what authenticates the TLS key (rather than
 > the identity key, as it is now).
 (because onion keys are not signing keys)
-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5968#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
    
    