Using RSA key for signing and for decrypting

Roger Dingledine arma at mit.edu
Tue Apr 8 19:51:03 UTC 2003


I'm getting around to putting signatures on the directories, now.
Fortunately, the source distribution already comes with a 'dirservers'
file, which includes the public key of each directory server.

This public key is used in handshaking between onion routers and others,
to verify that they are who they should be. (Stuff is encrypted under
the public key, and then they confirm that they could learn it.)

So we're all set: we'll just use this key for signing directories too.

Except I have some vague memory that using the same key for both signing
and crypting is a bad idea. In the interests of simplicity, I'd rather
avoid putting in a second key; can somebody confirm for me that I should,
or can I get away with using the same key?

--Roger



More information about the tor-dev mailing list