On Sat, Dec 28, 2013 at 1:15 PM, grarpamp <[email protected]> wrote:
> On Sat, Dec 28, 2013 at 6:46 AM, Gregory Maxwell <[email protected]> wrote:
>> One of the current unfortunate properties of hidden services is that
>> the identity of the hidden service is its public key (or the
>
>> This is pretty bad for prudent key management— the key is very high
>> value because it's difficult to change, and then stuck always online
>
> It's not difficult to change, you just change it.
> I'm pretty sure there's a ticket open involving most of this key
> management stuff, you could add any missing concepts to it.
> It's been on the list before too. And there's a second gen draft
> proposal on tor-dev/torspec.

It absolutely is difficult to change— you can only "just change it" if no one uses it. Otherwise you're chasing people to change addresses on websites and in software, and the static addresses in people's bookmarks are vulnerabilities— both if the key falls into an attacker's hands but also because if users become used to the URL just changing they'll believe it when an attacker DOS attacks the URL while publishing a new one. Copies of the old name lurk around for years hitting unsuspecting people, etc.

Sure, it's not the end of the world. Life goes on, and even with good key management possible, many won't use it.
