[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5598 [Tor Relay]: Generate DH groups asynchronously when we change TLS keys (was: Turn DynamicDHGroups off by default)



#5598: Generate DH groups asynchronously when we change TLS keys
-------------------------+--------------------------------------------------
 Reporter:  rransom      |          Owner:     
     Type:  enhancement  |         Status:  new
 Priority:  major        |      Milestone:     
Component:  Tor Relay    |        Version:     
 Keywords:               |         Parent:     
   Points:               |   Actualpoints:     
-------------------------+--------------------------------------------------
Changes (by mikeperry):

  * priority:  minor => major


Comment:

 More seriously, rransom: would this retitling solve your problems?

 We already rotate our TLS keys every two hours. Why not also rotate the DH
 group then, too? If we did both at the same time, they shouldn't block the
 control port like the DH one does, right? After all, TLS key generation
 doesn't block... Haven't looked at the code for that bit yet, though...

 Slightly more complicated fix, but it sounds more like the right one.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5598#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs