Sign status documents with RSA2048
|Reported by:||ln5||Owned by:|
|Actual Points:||Parent ID:|
Directory authorities sign status documents (votes and consensuses) with a 1024 bit RSA key called a directory signing key. These keys are typically valid for one year. Being in possession of a majority of the signing keys means that you control the consensus. We should start signing with RSA2048 instead.
I've been testing signing votes and consensuses in a Chutney network. All but 0.2.0.x clients seem happy to bootstrap using a consensus signed with a 2048 bit key. Directory authorities running 0.2.4.18-rc and 0.2.5.1-alpha are happily voting and signing together.
I'm going to create a new signing key for maatuska and see if the Tor network is happy too. If that turns out OK, I'm going to suggest that tor-gencert.c is changed to create 2048 bit keys and then ask other authority operators to generate new keys using that version.
Change History (18)
comment:15 Changed 21 months ago by nickm
- Milestone set to Tor: 0.2.5.x-final
- Resolution set to implemented
- Status changed from needs_revision to closed