Changes between Version 8 and Version 9 of doc/TorRelaySecurity


Ignore:
Timestamp:
Sep 22, 2017, 2:04:24 PM (18 months ago)
Author:
cypherpunks
Comment:

+OfflineMasterKey Defense

Legend:

Unmodified
Added
Removed
Modified
  • doc/TorRelaySecurity

    v8 v9  
    9191accounts, since it [http://www.gremwell.com/ssh-mitm-public-key-authentication prevents ssh server key theft from allowing continuous server compromise].
    9292
     93== Vector !#1: Offline Master Keys ==
     94
     95Even stronger than ephemeral identity keys are [https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity/OfflineKeys offline master keys] that are never exposed to the relay at all. This make regular reputation resets (due to key resets) unnecessary and provides stronger assurances to the identity key when compared to keys that are deleted on reboot or every 12 to 18 months.
     96
    9397== Vector !#2: Isolation Hardening and Readonly Runtime ==
    9498