[tor-dev] Proposal 284: Hidden Service v3 Control Port

AntiTree antitree at gmail.com
Mon Nov 6 15:44:26 UTC 2017


Hey David,

Are there any ways of revoking a service's key and should it be included as
a control port function? For example, in the case that the master key is
kept offline but the host and its descriptor signing key are compromised,
the box could be run for a period of time(?) until the keys expire and need
to be re-signed. That window could be forcefully closed remotely with a
revocation that reports that key as compromised. I don't know how big that
window is so I don't know how big of a risk it ends up being.

@

On Mon, Nov 6, 2017 at 9:59 AM David Goulet <dgoulet at ev0ke.net> wrote:

> Hi everyone,
>
> Attached is the proposal draft for the hidden service v3 contro port
> specification.
>
> The idea with this proposal is to _only_ extend the current commands and
> events to v3. Nothing new is added. We can think of more things to add
> after
> but for now, I wanted a baseline to start with that is only extending what
> exists.
>
> Any kind of feedbacks is welcome! :)
>
> Cheers!
> David
>
> --
> Zu3IyL4LcdnKNkQIZqEqaTNUapUEJFdEcN02dPwo5FQ=
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20171106/e120b0d6/attachment.html>


More information about the tor-dev mailing list