Tor-spec does not specify how clients should manage identity certificates
Tor-spec requires two certificates from each part when negotiating a TLS session, one using a temporary key, and one using the identity key of each part. This is fine when one OR connects to another, but when a client/OP connects to its initial OR, it should reveal as little as possible about itself. The client might of course be tracked by IP by the first OR, but having a long term identity key will make it even less anonymous. For example, the client might be connecting from a large NAT network, or through another anonymization service.
The specification should either specify how often clients are supposed to change their identity keys (use a new one for each connection?), or explicitly allow clients to connect using only one certificate (any issues with this, making it easier to tell client-OR connections from OR-OR connections?).
[Automatically added by flyspray2trac: Operating System: All]