proposal, I guess, by having documents signed with Ed25519 and RSA1024... but one of the signatures is much better than the other: 255-bit ECC groups will be secure long after RSA1024 has fallen.
I think the reference I saw was referring not to extended effective key length [1] but to offset algorithms [2], in case some maths pop up from the hole and say look what we just broke. Yes, both are sortof happening above. I doubt Tor would be the first realtime target upon that news anyway and would be written around in a flag week. Stored traffic later might. O well.
[1] eg: 256 ecc ~= 3k rsa afaik [2] As in the md5/sha1 to n (below) to sha3 situation. And maybe some creeping closer for rsa now too.
(I'm also a little surprised that nobody has said we should be using Keccak or Blake2 in place of SHA256/SHA512 here. ;) )