> On 18 Nov. 2016, at 09:20, David Goulet <[email protected]> wrote: > > On 18 Nov (08:27:53), teor wrote: >> >>> On 18 Nov. 2016, at 03:52, David Goulet <[email protected]> wrote: >>> >>>> >>>> I ended up using the x25519 scheme described above by Nick. >>>> >>>> I also ended up dodging the UX questions raised on this thread, by only >>>> specifying the Tor protocol level details, and leaving the out-of-band >>>> HS<->client protocol mostly unspecified. I believe that this out-of-band >>>> protocol and configuration details can be figured out in the future, and >>>> we should not block on them right now. >>> >>> Yes, I believe this is fine. Note that tor-keygen tool is getting another >>> _very_ important use case here that is the key generation on client side. >> >> The tor-keygen tool is not currently included in the Tor Browser bundle. >> So we would have to add it (or provide an alternate method) for Tor Browser >> users. > > It also does not really exists :). But we have a ticket for it and it's > very important also for HS offline keys!
Oh right, I had it confused with tor-gencert. > And yes, I like you idea that TBB should have it included coupled with a > nice UI for HS auth. And the Tor Expert Bundle (Windows) so people can run HSs on Windows using it. T -- Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------ _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
