[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5598 [Tor Relay]: Generate DH groups asynchronously when we change TLS keys (was: Turn DynamicDHGroups off by default)
#5598: Generate DH groups asynchronously when we change TLS keys
-------------------------+--------------------------------------------------
Reporter: rransom | Owner:
Type: enhancement | Status: new
Priority: major | Milestone:
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Changes (by mikeperry):
* priority: minor => major
Comment:
More seriously, rransom: would this retitling solve your problems?
We already rotate our TLS keys every two hours. Why not also rotate the DH
group then, too? If we did both at the same time, they shouldn't block the
control port like the DH one does, right? After all, TLS key generation
doesn't block... Haven't looked at the code for that bit yet, though...
Slightly more complicated fix, but it sounds more like the right one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5598#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs