[tor-bugs] #29677 [Internal Services/Tor Sysadmin Team]: evaluate password management options

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue May 5 19:38:12 UTC 2020


#29677: evaluate password management options
-------------------------------------------------+-------------------------
 Reporter:  anarcat                              |          Owner:  tpa
     Type:  task                                 |         Status:  assigned
 Priority:  Low                                  |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by sysrqb):

 Replying to [comment:10 anarcat]:
 > i'm running with the assertion that a password manager solves both the
 > storage and sharing aspects of the password management problem. sharing
 > and storing are, generally, tangled together in any case: when you send an
 > email, for example, it gets stored in a queue. there are mechanisms to
 > store passwords without sharing them (e.g. secure enclaves) but those can
 > have dubious properties (e.g. being exploitable, like Intel's).

 This was my thought, as well.

 >
 > but it is true it might be useful to consider hardware tokens for
 > signing things, in the case of software releases and, indeed, that is how
 > Debian is deploying secureboot right now. the advantage is that even in a
 > compromise, the private key cannot (in theory) be stolen, so you have a
 > limit to what an attacker can do.
 >
 > is this part of your threat model?

 Yes, (almost) all of our keys are stored in hardware tokens. We have
 separate signing infrastructure where these are attached to machines.
 However, I'd like a way for sharing the passphrases that allow signing.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29677#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online