  • #10324

Closed (moved)
Created Dec 09, 2013 by Linus Nordberg@linus

Sign status documents with RSA2048

Directory authorities sign status documents (votes and consensuses) with a 1024 bit RSA key called a directory signing key. These keys are typically valid for one year. Being in possession of a majority of the signing keys means that you control the consensus. We should start signing with RSA2048 instead.

I've been testing signing votes and consensuses in a Chutney network. All but 0.2.0.x clients seem happy to bootstrap using a consensus signed with a 2048 bit key. Directory authorities running 0.2.4.18-rc and 0.2.5.1-alpha are happily voting and signing together.

I'm going to create a new signing key for maatuska and see if the Tor network is happy too. If that turns out OK, I'm going to suggest that tor-gencert.c is changed to create 2048 bit keys and then ask other authority operators to generate new keys using that version.
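The key-size check the issue implies, as an added example that is not part of the original issue or of Tor's code: it reads the `dir-identity-key` and `dir-signing-key` items of an authority key certificate and reports whether each RSA modulus meets 2048 bits. It assumes the version 3 key certificate layout with PKCS#1 `RSA PUBLIC KEY` PEM blocks; `audit_cert`, `rsa_modulus_bits` and the sample certificate are constructed for illustration, and the sample moduli are not real keys.

```python
import base64
import re

MIN_BITS = 2048  # size the issue proposes for directory signing keys

def _der_len(buf, i):
    """Read a DER length at buf[i]; return (length, index of first content byte)."""
    if buf[i] < 0x80:
        return buf[i], i + 1
    n = buf[i] & 0x7F
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def rsa_modulus_bits(pem_body):
    """Bit length of n in a PKCS#1 RSAPublicKey: SEQUENCE { INTEGER n, INTEGER e }."""
    der = base64.b64decode(pem_body)
    if der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, i = _der_len(der, 1)
    if der[i] != 0x02:
        raise ValueError("expected INTEGER modulus")
    n_len, i = _der_len(der, i + 1)
    return int.from_bytes(der[i:i + n_len], "big").bit_length()

KEY_RE = re.compile(r"^(dir-identity-key|dir-signing-key)\n"
                    r"-----BEGIN RSA PUBLIC KEY-----\n(.*?)\n-----END RSA PUBLIC KEY-----",
                    re.M | re.S)

def audit_cert(text):
    """Map each key keyword in a key certificate to (bits, meets MIN_BITS)."""
    return {name: (bits, bits >= MIN_BITS)
            for name, body in KEY_RE.findall(text)
            for bits in [rsa_modulus_bits(body)]}

def _sample_pem(bits):
    """Constructed stand-in: well-formed DER, but the modulus is not a real key."""
    def tlv(tag, raw):
        n = len(raw)
        nb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(nb)]) + nb) + raw
    def integer(v):  # the extra leading byte keeps the INTEGER positive
        return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))
    b64 = base64.b64encode(tlv(0x30, integer((1 << (bits - 1)) | 1) + integer(65537))).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join(["-----BEGIN RSA PUBLIC KEY-----", *lines, "-----END RSA PUBLIC KEY-----"])

SAMPLE_CERT = ("dir-key-certificate-version 3\n"  # constructed, only the key items
               "dir-identity-key\n" + _sample_pem(3072) + "\n"
               "dir-signing-key\n" + _sample_pem(1024) + "\n")
```

Calling `audit_cert(SAMPLE_CERT)` flags the 1024-bit signing key while the identity key passes.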
