[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #27838 [Core Tor/Tor]: v3 onion service wrongly considers Invalid signature for service descriptor signing key: expired



#27838: v3 onion service wrongly considers Invalid signature for service descriptor
signing key: expired
--------------------------+------------------------------------
 Reporter:  s7r           |          Owner:  dgoulet
     Type:  defect        |         Status:  accepted
 Priority:  High          |      Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.3.5.1-alpha
 Severity:  Normal        |     Resolution:
 Keywords:  tor-hs        |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by dgoulet):

 Ok after a discussion with asn, the right thing to do is to:

 1) Identify the mutable values within a descriptors that would need to be
 refreshed before uploading (for instance, revision counter). We already
 have several of these so we would also need to add the certificate
 creation so we always have fresh cert. The time is rounded down to the
 hour so to avoid the leak of when _exactly_ the descriptor is uploaded.

 2) Add such a function that refreshes all the mutable values before
 uploading.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27838#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs