[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file

Subject: Re: [tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 26 Apr 2017 01:50:55 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 25 Apr 2017 21:51:05 -0400
In-reply-to: <044.a90d1bc0442895b58df07dcd5374e272@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.a90d1bc0442895b58df07dcd5374e272@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#22029: Allow ed25519 keys to be banned in the approved-routers file
--------------------------+------------------------------------
 Reporter:  teor          |          Owner:
     Type:  enhancement   |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:  1
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by teor):

 Replying to [comment:1 dgoulet]:
 > Oh fine idea!
 >
 > Quick question here. Can a relay have N rsa keys (for N > 1) for 1
 ed25519 key and still keep it's uptime/weight?

 Yes, but not for long.

 The directory authorities keep a key pinning journal, but don't enforce
 it.

 When we turn on key pinning, authorities won't vote for relays that change
 one key and keep the other the same.

 > I'm asking here because we currently block by RSA fingerprint but what
 if I can rotate that everyday (or when blocked) but still keep my
 consensus weight because my ed25519 is still recognized by dirauths?

 The bandwidth script uses RSA fingerprints, so changing your RSA removes
 all your bandwidth.

 In the far future, when we remove RSA keys, we will want to have a file
 that bans both RSA and ed25519 keys, to make the transition easier.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22029#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #21222 [User Experience]: Redesigning torproject.org (was: Prepare to)
Next by Author: [tor-bugs] #22019 [User Experience/Website]: Integrate a Captcha and Honeypot
Previous by thread: Re: [tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file
Next by thread: [tor-bugs] #22030 [Core Tor/Tor]: Exit Policy reject * does not reject IPv6 ports
Index(es):
- Author
- Thread