[tor-talk] Revoking a hidden service key

Adrien Johnson adrienj at adrienj.com
Tue Mar 3 00:56:39 UTC 2015


Hello all,

If a hidden service operator becomes aware their hidden service private 
key has been compromised, for instance if hidden service descriptors 
signed with their private key are published that they did not create 
themselves, there should be a way for the hidden service operator to 
revoke trust in the key and prevent attackers from hijacking traffic to 
their .onion domain. I have read the current directory spec, and the 
current and proposed Rendezvous spec, but I cannot find any support for 
this.

Is hidden service revocation like that possible in the current design, 
or have I overlooked something?

If it is not currently possible, I suggest it could be implemented as a 
hidden service descriptor listing zero introductory points, and having a 
special timestamp value which should never appear in ordinary usage, 
1970-1-1 for instance. Hidden Service Directories upon receiving such a 
'revocation' descriptor should immediately discard any other descriptors 
for that hidden service and should refuse to accept any further 
descriptors for that service. Hidden service directories should retain 
such a descriptor indefinitely.

The existence of such a revocation mechanism would strengthen the idea 
of "controlling" a hidden service or .onion domain. Up until now all a 
hidden service owner could do to prove they control a hidden service was 
sign something to show they had the key. If this revocation mechanism 
existed, they would also be able to show strong evidence that they are 
the only one that possesses that key.

Does this sound like a useful feature? Does my suggested implementation 
hold water? Any comments appreciated.
-Adrien Johnson
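
The directory-side rule proposed in the message above, sketched as a toy model. This is an added example, not part of the original post and not Tor code. All names (Descriptor, DirectoryStore, publish, fetch) are hypothetical, the signature check is reduced to a precomputed boolean, and the store is assumed to keep only the newest descriptor per service.

```python
from dataclasses import dataclass

REVOCATION_TIMESTAMP = 0  # 1970-01-01 as Unix time, the sentinel suggested in the post

@dataclass(frozen=True)
class Descriptor:
    service_id: str        # onion identifier (constructed sample values only)
    timestamp: int         # Unix seconds
    intro_points: tuple    # identifiers of the listed points
    signature_valid: bool  # assumption: result of verifying against the service key

def is_revocation(d):
    # The post requires both markers: sentinel timestamp and zero listed points.
    return d.timestamp == REVOCATION_TIMESTAMP and len(d.intro_points) == 0

class DirectoryStore:
    """Toy model of one hidden service directory's descriptor cache."""

    def __init__(self):
        self.current = {}  # service_id -> newest ordinary Descriptor
        self.revoked = {}  # service_id -> revocation Descriptor, never expired

    def publish(self, d):
        if not d.signature_valid:
            return "rejected: bad signature"
        if d.service_id in self.revoked:
            # Refuse any further descriptors once a revocation is held.
            return "rejected: service revoked"
        if is_revocation(d):
            # Must be handled before the freshness check below, which would
            # otherwise discard a 1970 timestamp as older than the cached one.
            self.current.pop(d.service_id, None)
            self.revoked[d.service_id] = d
            return "revoked"
        if d.timestamp == REVOCATION_TIMESTAMP:
            # Sentinel timestamp with points listed: not a well-formed revocation.
            return "rejected: reserved timestamp"
        old = self.current.get(d.service_id)
        if old is not None and d.timestamp <= old.timestamp:
            return "rejected: not newer"
        self.current[d.service_id] = d
        return "stored"

    def fetch(self, service_id):
        # Clients asking for a revoked service get the revocation itself.
        if service_id in self.revoked:
            return self.revoked[service_id]
        return self.current.get(service_id)
```

The ordering inside publish is the part a real implementation would have to get right: a replay-protection check that runs first would silently drop the revocation.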

