> On 8 Dec. 2016, at 06:40, Univibe <[email protected]> wrote: > > >> I had a thought to publish it on my relay's DirPort (using > >> DirPortFrontPage > >> and a simple html doc containing the public key). Then I could just > >> provide a > >> link to the DirPort in ContactInfo. > > > It's better to just use a fingerprint. I don't know how efficient or useful > > that would be. It is also not necessary. > > Okay. Thanks Jason for your reply. I was just thinking about how PGP key > exchange seems to frustrate most people and wondering if it would make sense > to skip the middleman (keyservers) in this case. Having the public key > published directly by the relay establishes trust. There would be no question > that the PGP key belongs to the relay operator.
Unfortunately, the DirPortFrontPage is not authenticated: it is plain HTTP. But the descriptor with the ContactInfo is signed with your relay key. > However since it's an odd implementation, it might just add confusion instead > of making things easier. It sounds like the convention is to just list your > fingerprint, so I'll do that. Thanks! Yes, this is what people typically do. Thanks! T -- Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------ _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
