Hi Nick,
On 25 Feb 2014, at 17:18, Nick Mathewson nickm@torproject.org wrote:
> To mirror the way that authority identity keys work, we'll fully support keeping Ed25519 identity keys offline; they'll be used to sign long-ish term signing keys, which in turn will do all of the heavy lifting. A signing key will get used to sign the things that RSA1024 identity keys currently sign.
There was a discussion of this point on tor-talk just now. s7r (one of the nice support people) was also present; maybe he will follow up here as well.
Basically, the operational complexity of doing this seems to be under-appreciated here, and we're wondering if the added code complexity can possibly be worth it. Maybe we should ask some of the super big relays to weigh in.
Cheers
Sebastian