[Cryptech Tech] Requirements for signing the Tor consensus (was: Stockholm next week)
Linus Nordberg
linus at nordberg.se
Wed Mar 5 11:00:29 UTC 2014
Randy Bush <randy at psg.com> wrote
Wed, 05 Mar 2014 06:42:38 +0000:
| [ moved to tech ]
|
| >> i would like to get a vision of who our first few 'customers' will
| >> be. dnssec and rpki roots are obvious. who else?
| >
| > Seven out of nine Tor directory authorities now sign their votes and
| > consensus with a 2048 bit RSA key. I'd be interested in exploring a
| > way of building something that would move those keys off of general
| > purpose computers.
|
| why would this not be very easy if one is already meeting rpki root?
I know nothing about RPKI. Tor directory authorities currently use RSA
(with SHA1 or SHA256) for signing. Ordinary relays can nowadays use
Ed25519 (with SHA512) in addition, something I would expect authorities
to start doing too.
| might toroids be willing to help with packaging and upper layers?
I am. Happy to look for more people too.
More information about the Tech
mailing list