https://lists.torproject.org/pipermail/tor-dev/2019-December/014106.html
Reply summary:
-
Guessing it is as likely as guessing the correct key that has 2^256 entropy.
-
The only advantage I’m seeing is that it has less resource load than the multi onion approach, but then again if you have a authenticated access scenario, how many parties do you hope to manage before it becomes out of hand? The security argument is moot when malware can just steal the auth cookie. Also you can take v3 service keys offline for extra security. Another argument for authenticated access is it makes webserver configuration more manageable than in the multi onion scenario.
https://lists.torproject.org/pipermail/tor-dev/2019-December/014107.html
- Another suggestion is to use it to protect a publicly accessible bookmark that you refer to, but I would archive the info all offline because it gives more peace of mind.
Thoughts on this?