[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #27838 [Core Tor/Tor]: v3 onion service wrongly considers Invalid signature for service descriptor signing key: expired

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #27838 [Core Tor/Tor]: v3 onion service wrongly considers Invalid signature for service descriptor signing key: expired
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 18 Oct 2018 16:44:09 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 18 Oct 2018 12:44:19 -0400
In-reply-to: <043.d13a1fe6c01f4d71a98b1a5215909648@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.d13a1fe6c01f4d71a98b1a5215909648@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#27838: v3 onion service wrongly considers Invalid signature for service descriptor
signing key: expired
--------------------------+------------------------------------
 Reporter:  s7r           |          Owner:  dgoulet
     Type:  defect        |         Status:  accepted
 Priority:  High          |      Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.3.5.1-alpha
 Severity:  Normal        |     Resolution:
 Keywords:  tor-hs        |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by dgoulet):

 Ok after a discussion with asn, the right thing to do is to:

 1) Identify the mutable values within a descriptors that would need to be
 refreshed before uploading (for instance, revision counter). We already
 have several of these so we would also need to add the certificate
 creation so we always have fresh cert. The time is rounded down to the
 hour so to avoid the leak of when _exactly_ the descriptor is uploaded.

 2) Add such a function that refreshes all the mutable values before
 uploading.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27838#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #28154 [Community/Tor Support]: What do the different onions mean on the address bar?
Next by Author: [tor-bugs] #28196 [Applications/Tor Browser]: about:preferences#general is not properly translated anymore starting with Tor Browser 8.5a4
Previous by thread: Re: [tor-bugs] #27838 [Core Tor/Tor]: v3 onion service wrongly considers Invalid signature for service descriptor signing key: expired
Next by thread: Re: [tor-bugs] #27838 [Core Tor/Tor]: v3 onion service wrongly considers Invalid signature for service descriptor signing key: expired
Index(es):
- Author
- Thread