[tor-dev] documentation for new offline master key functionality (--keygen is undocumented)

nusenu nusenu at openmailbox.org
Sun Nov 15 17:51:07 UTC 2015


>> Is the offline master key limited to ed25519 keys and useless
>> > while using ed25519 + RSA keys at the same time? (because the RSA
>> > key is not offline?)
>> > 
> Hmmm. Probably yes. Until transition (until we remove permanently RSA
> identities) only the ed25519 key will be protected, RSA key will have
> to be online. Even in this case, directory authorities remember relays
> by their ed25519 + RSA pair of identities. If just one of them
> changes, that relay will be rejected.

Ok, so I guess the only reason to use offline master keys now is to not
have to start from scratch once RSA keys are deprecated for real.

thanks for your answers!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20151115/96282395/attachment.sig>


More information about the tor-dev mailing list