It seems like the only way this scheme could work is if the directories remembered which services had issued revocations, making compromises expensive for the whole network and opening the door for denial-of-service attacks that effect hidden services as a whole.
I would counter propose that you set up a Twitter account which tweets about the status of your hidden service, where you could make an emergency announcement. Perhaps you could have a passcode required to enter the site that changes on a daily basis and is announced from twitter, so that your users get in the habit of checking twitter before logging in to your site. On Mon, Mar 2, 2015 at 6:40 PM, Adrien Johnson <adri...@adrienj.com> wrote: > Deleting your key and taking down your service would prevent further > compromise of your system, but if your private key was already stolen, it > wouldn't stop an attacker from continuing to announce your key and running > an imposter service. > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
