diff options
author | Nick Mathewson <nickm@torproject.org> | 2016-09-22 11:12:20 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-09-22 11:12:20 -0400 |
commit | b2e42644dc39abe6c4960346fd588d8dcd0ab650 (patch) | |
tree | e59c687325338b0d26d151cb4f40541a83467be9 /proposals/220-ecc-id-keys.txt | |
parent | 0760e80a360ad1d315b48099f3ebd5e511516b2d (diff) | |
download | torspec-b2e42644dc39abe6c4960346fd588d8dcd0ab650.tar.gz torspec-b2e42644dc39abe6c4960346fd588d8dcd0ab650.zip |
Note TLS link key size and digest change in prop220
Diffstat (limited to 'proposals/220-ecc-id-keys.txt')
-rw-r--r-- | proposals/220-ecc-id-keys.txt | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/proposals/220-ecc-id-keys.txt b/proposals/220-ecc-id-keys.txt index 7a21f20..dd063e8 100644 --- a/proposals/220-ecc-id-keys.txt +++ b/proposals/220-ecc-id-keys.txt @@ -670,3 +670,11 @@ A.5. Reserved numbers 6: TLS authentication key certified by Ed25519 signing key 7: RSA cross-certificate for Ed25519 identity key + +A.6. Related changes + + As we merge this, proposal, we should also extend link key size to + 2048 bits, and use SHA256 as the x509 cert algorithm for our link + keys. This will improve link security, and deliver better + fingerprinting resistence. See proposal 179 for an older discussion + of this issue. |