[tor-talk] Revoking your secret_id_key

Julian Yon julian at yon.org.uk
Tue Oct 4 09:41:18 UTC 2011


On 04/10/11 00:44, Nick Mathewson wrote:
> It might be worthwhile to add a feature where each Tor server
> generates a signed "permanent shutdown notice" at the same time it
> generates its key, and to suggest to node operators that they keep a
> copy of that notice someplace secure so that they can circulate it as
> needed if they need to prove that they are saying this node has been
> compromised.  It'd probably need a design proposal.  I'm not sure how
> much of a win it is over the GPG solution above: it saves some steps,
> but still requires you to make preparations in advance.

It's a win in that it makes the procedure for revocation explicit at the
beginning. Operators with less understanding of cryptography would most
likely be grateful for having that spelled out.


Julian

-- 
3072D/D2DE707D Julian Yon (2011 General Use) <pgp.2011 at jry.me>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 294 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20111004/f1d819a1/attachment.pgp>


More information about the tor-talk mailing list