tor-spec still says "For a public-key cipher, we use RSA with 1024-bit keys"
In 0.3. Ciphers
, tor-spec.txt says we use 1024-bit rsa as our public key cipher.
Later, it turns out we use other things, but if you're just reading from the top, you will conclude that we're still relying on 1024-bit rsa for everything (which would be bad).
We should update the 0.3. Ciphers
section to include the ciphers we use now. Or we should rework things so there doesn't need to be a 0.3. Ciphers
section that apparently doesn't get updated when the other parts of the spec get updated. :)