On 9/1/2016 12:18 PM, patacca wrote: [SNIP] > > I would find very useful a mail notification when the ed25519 key's > expiration date is near and the OfflineMasterKey is enabled. > Also if the expiry information could be shown on atlas that would be nice. The expiration date of the temporary ed25519 signing key is included in the server's descriptor afaik, but there's no way to know if a relay has OfflineMasterKey enabled or not. We could add this extra info but I would disagree since this will advertise which relays have this enabled and which not. The system is designed in a way that you should not use OfflineMasterKey if you want to leave your relay unattended or don't have time to renew keys. A simple script installed on the relay and executed by a cronjob can determine the expiration date of the ed25519 signing key and send an email when there's less than X minutes/days remaining. I don't think this should be a network wide default.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays