George, I would definitely create an extended transition time frame. 6 months or a year where both keys will work. just make it clear there is a cut off date.
And I think Adrelanos's concept is a valid one. Since we may need to do this again, why not put a structure in place that facilitates upgrades to the system itself. On Fri, May 17, 2013 at 3:09 PM, adrelanos <[email protected]> wrote: > George Kadianakis: > > Thoughts? > > Can you make .onion domains really long and therefor really safe against > brute force? > > Or have an option for maximum key length and a weaker default if common > CPU's are still too slow? I mean, if you want to make 2048 bit keys the > default because you feel most hidden services have CPU's which are too > slow for 4096 bit keys, then use 2048 bit as default with an option to > use the max. of 4096 bit. > > Bonus point: Can you make the new implementation support less painful > updates (anyone or everyone) when the next update will be required? > (forward compatibility) > _______________________________________________ > tor-dev mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev >
_______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
