On 18 Nov. 2016, at 03:52, David Goulet <dgoulet@ev0ke.net> wrote:
> > I ended up using the x25519 scheme described above by Nick.
> > I also ended up dodging the UX questions raised on this thread, by only specifying the Tor protocol level details, and leaving the out-of-band HS<->client protocol mostly unspecified. I believe that this out-of-band protocol and configuration details can be figured out in the future, and we should not block on them right now.
> Yes, I believe this is fine. Note that the tor-keygen tool is getting another _very_ important use case here, that is, key generation on the client side.
The tor-keygen tool is not currently included in the Tor Browser bundle. So we would have to add it (or provide an alternate method) for Tor Browser users.
T