
Re: Reregister after key change?

     On Fri, 16 May 2008 09:03:46 +0200 tor@xxxxxxxxxxxx wrote:
>On Thu, May 15, 2008 at 11:50:12PM -0500, Scott Bennett wrote:
>>      On Fri, 16 May 2008 04:11:15 +0200 tor@xxxxxxxxxxxx wrote:
>> >I seem to remember that, when I set up my tor node, the instructions 
>> >suggested to register the node name by sending an email to somewhere. In 
>> >the docs currently online I don't find this request anymore.
>> >
>> >Anyway, since I changed my onion key because of the ssl vulnerability 
>> >should I send another email somewhere?
>> >
>>      The onion key isn't the problem here.  tor changes onion keys every
>> so many days anyway and uploads a new descriptor when that happens.  It's
>Sorry, I mixed that up but I deleted all keys, hence also the signing 

     It's probably just as well.  If your system was one of those afflicted,
there's a reasonable chance that both keys were weak.
>> when you change the signing key that there is a problem because that is
>> the permanent key that is tied to the identity of your server in particular.
>> If a descriptor is sent to the authorities that has a different key for
>> your server, tor treats it as the descriptor for a new server that happens
>> to have the same nickname and IP address as the old server.  In other words,
>> tor thinks that there are two servers claiming the same nickname.  If the
>> older one is marked as Named in the authorities' directories, then the new
>> server will likely be warned that its nickname is a duplicate of a legitimate
>> server and should probably be changed. 
>I haven't seen any warnings regarding my own name in the logs. I guess 
>my 'registration' never really happened.
>I noticed all (most) of my family members (nodes at the same colo) do 
>have two entries and the logs also warn about this. I assume the old 
>identities will eventually expire? Tor mentions that they are not 
>'named', at least some of them.
     If they aren't flagged as Named, then yes, they should eventually be
eliminated from the directory authorities' directories.  Because of the
older directory protocol's specification, that expiration probably is still
an irritatingly long time in the future, which is one more reason that the
effort by Roger et al. to identify weak keys and mark those keys' servers
as not Valid is so urgent.  Someone could conceivably crack a signing key
and steal your server's (old) identity.  If it were still marked Valid,
then tor servers and clients the world over would accept the impostor.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
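The mechanism Scott describes above (a relay's identity is its signing key, so a new key looks like a second server with the same nickname, and unnamed duplicates only disappear on expiry) as an added, hypothetical model written for this page; it is not Tor's own code, the key bytes are constructed samples standing in for real identity keys, and the expiry window is an assumed value.

```python
import hashlib
from dataclasses import dataclass, field

# Hypothetical model of a directory authority that keys relays by identity
# (signing key) fingerprint, never by nickname. Sample key bytes stand in
# for real DER-encoded RSA keys; the expiry window is an assumption.

def fingerprint(identity_key: bytes) -> str:
    # Tor fingerprints a relay by SHA-1 of its identity key.
    return hashlib.sha1(identity_key).hexdigest().upper()

@dataclass
class Entry:
    nickname: str
    address: str
    last_seen: int          # day the last descriptor for this identity arrived
    named: bool = False     # authorities have bound this nickname to this key

@dataclass
class Directory:
    relays: dict = field(default_factory=dict)   # fingerprint -> Entry
    expire_after: int = 30  # assumed: days an unnamed relay lingers without a fresh descriptor

    def upload(self, nickname, address, identity_key, now):
        fp = fingerprint(identity_key)
        if fp in self.relays:
            # Same signing key: this is the same server, just refresh it.
            e = self.relays[fp]
            e.address, e.last_seen = address, now
            return "updated"
        # Different signing key: a brand-new server, even if nickname and IP match.
        self.relays[fp] = Entry(nickname, address, now)
        clash = [f for f, e in self.relays.items() if e.nickname == nickname and f != fp]
        if any(self.relays[f].named for f in clash):
            return "warn: nickname belongs to a Named relay"
        if clash:
            return "listed; duplicate nickname with unnamed relay"
        return "listed"

    def expire(self, now):
        # Old, unnamed identities drop out only after the expiry window passes.
        stale = [f for f, e in self.relays.items()
                 if not e.named and now - e.last_seen > self.expire_after]
        for f in stale:
            del self.relays[f]
        return stale
```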