Delivery-Date: Mon, 02 Mar 2015 22:05:29 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id F31461E0A5E
	for <archiver@seul.org>; Mon,  2 Mar 2015 22:05:27 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 30CF433FE9;
	Tue,  3 Mar 2015 03:05:24 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id EB1E833F54
 for <tor-talk@lists.torproject.org>; Tue,  3 Mar 2015 03:05:20 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id hjOVt-mhEf-w for <tor-talk@lists.torproject.org>;
 Tue,  3 Mar 2015 03:05:20 +0000 (UTC)
Received: from imap2-3.ox.privateemail.com (imap2-3.ox.privateemail.com
 [192.64.116.208])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "privateemail.com",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id CC32E33F49
 for <tor-talk@lists.torproject.org>; Tue,  3 Mar 2015 03:05:20 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by mail.privateemail.com (Postfix) with ESMTP id D79BA8C007D
 for <tor-talk@lists.torproject.org>; Mon,  2 Mar 2015 22:05:17 -0500 (EST)
X-Virus-Scanned: Debian amavisd-new at imap2.ox.privateemail.com
Received: from mail.privateemail.com ([127.0.0.1])
 by localhost (imap2.ox.privateemail.com [127.0.0.1]) (amavisd-new, port 10024)
 with LMTP id OoQ9mgvArDtn for <tor-talk@lists.torproject.org>;
 Mon,  2 Mar 2015 22:05:17 -0500 (EST)
Received: from [192.168.42.162] (135-23-87-110.cpe.pppoe.ca [135.23.87.110])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by mail.privateemail.com (Postfix) with ESMTPSA id 9A6528C007B
 for <tor-talk@lists.torproject.org>; Mon,  2 Mar 2015 22:05:17 -0500 (EST)
Message-ID: <54F524EE.3050400@adrienj.com>
Date: Mon, 02 Mar 2015 22:05:18 -0500
From: Adrien Johnson <adrienj@adrienj.com>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64;
 rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <54F506C7.6020202@adrienj.com>
 <CALoT2zYkwUEguD-bN+hsePTK8a+G=HRWju6s3yGtiQA5+G5Waw@mail.gmail.com>
 <54F51F38.30902@adrienj.com>
 <CAKrUFkh4fd9tkssVXiUs0g_X5vRYH2FBA4Te0nJGRtyM2Qy0dw@mail.gmail.com>
In-Reply-To: <CAKrUFkh4fd9tkssVXiUs0g_X5vRYH2FBA4Te0nJGRtyM2Qy0dw@mail.gmail.com>
Subject: Re: [tor-talk] Revoking a hidden service key
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

An solution might be to allow hidden service revocation descriptors to 
expire after a long time, and to be updated by the hidden service 
operator, but only as a new revocation descriptor which has a later 
expiration date. That way the Tor network can eventually forget about 
revoked hidden services which are no longer used and where the operator 
no longer feels there is a threat of impersonation.

On 2015-03-02 9:50 PM, Max Bond wrote:
> It seems like the only way this scheme could work is if the directories
> remembered which services had issued revocations, making compromises
> expensive for the whole network and opening the door for denial-of-service
> attacks that effect hidden services as a whole.
>
> I would counter propose that you set up a Twitter account which tweets
> about the status of your hidden service, where you could make an emergency
> announcement. Perhaps you could have a passcode required to enter the site
> that changes on a daily basis and is announced from twitter, so that your
> users get in the habit of checking twitter before logging in to your site.
>
> On Mon, Mar 2, 2015 at 6:40 PM, Adrien Johnson <adrienj@adrienj.com> wrote:
>
>> Deleting your key and taking down your service would prevent further
>> compromise of your system, but if your private key was already stolen, it
>> wouldn't stop an attacker from continuing to announce your key and running
>> an imposter service.
>>
>> --
>> tor-talk mailing list - tor-talk@lists.torproject.org
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

