Verified Commit 9b04a41b authored by Silvio Rhatto's avatar Silvio Rhatto
Browse files

Feat(docs): README: a note on Onionbalance usage

parent 5126d874
......@@ -168,6 +168,19 @@ That means that passphrases should:
* Either be destroyed along unused candidates OR, if stored, have the same
storage security level than the .onion keypair.
### Onionbalance compatibility
When generating keys for [Onionbalance](https://onionbalance.readthedocs.io/en/latest/),
make sure to use one pool per key:
1. One pool for the frontend instance.
2. One pool per backend instance.
This is for security considerations: keys generated within the same pool are highly
correlated. This means that if an attacker takes control of a backend instance that
uses a keypair generated in the same pool, then the attacker can try to regenerate
related keys.
## Tasks
Check the [issue queue](https://gitlab.torproject.org/tpo/onion-services/onionmine/-/issues)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment