[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4363 [Core Tor/Tor]: Dirauths should save a copy of a consensus that didn't get enough signatures



#4363: Dirauths should save a copy of a consensus that didn't get enough
signatures
-------------------------------------------------+-------------------------
 Reporter:  Sebastian                            |          Owner:  (none)
     Type:  enhancement                          |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.5.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-dirauth auditability save dump   |  Actual Points:
  033-backport-maybe 034-backport-maybe          |
Parent ID:                                       |         Points:  1
 Reviewer:  mikeperry                            |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 I suggest that we:
 * write out the consensus with no signatures, as early as possible (in
 case we crash parsing or signing it)
 * write out our own signature
 * write out any signatures we get (good or bad) to a file like the
 existing v3-status-votes, but for signatures

 We should think about how to handle the disk DoS risk for the final file,
 because anyone can attempt to sign a consensus, and we would put the
 signature in that file. Maybe we should limit the size of the file?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4363#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs