[tor-dev] TorHS related files re-organization ?

Fabio Pietrosanti (naif) lists at infosecurity.ch
Sun Mar 18 15:50:58 UTC 2012


On 3/18/12 2:40 PM, Jeroen Massar wrote:
> On 2012-03-18 13:57 , Fabio Pietrosanti (naif) wrote:
>> On 3/18/12 1:09 PM, Jeroen Massar wrote:
>>>
>>>
>>> On 18 Mar 2012, at 12:46, "Fabio Pietrosanti (naif)" <lists at infosecurity.ch> wrote:
>>>
>>>> - Security issue
>>>>
>>>> Looking at the server seizure threat scenario, who seize the computer
>>>> running TorHS will be able to know the identity of the TorHS itself by
>>>> looking at the "hostname" file
>>>
>>> Why not simply use Full Disk Encryption or similar to protect all the data files, hat avoids a compromise for any file on the system, heck if hey turn the box off they can't even see there is Tor on it at all. also heavily note that the actual content served is likely much more valuable and you will want to protect that too.
>>
>> Yes, but any application that store "sensitive data" like keys should
>> provide an integrated way to protect such sensitive data.
>>
>> Think about the "keychain" of PGP, or keychain of Firefox for digital
>> certificate, etc, etc
>>
> 
>> All major applications that need to handle "keys" support a built-in
>> feature to provide different degree of protection for such "keys".
> 
> And you want to add another one that has to be separately managed? :)

Well, that's the point, it must be flexible because it should in theory
be possible to hook it on different keychains.
It would make perfect sense to integrate it with Mac OSX keychain like
already happens for x509v3 certificates.

But it would be also required also to have a "portable" and
self-contained keychain.
This would be required to be able to work with TBB and/or other portable
applications that would like to bundle Tor (TorChat, GlobaLeaks, etc).

-naif


More information about the tor-dev mailing list