[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #18319 [Core Tor/Tor]: Exclude relays that don't match pinned RSA/Ed key pairs
#18319: Exclude relays that don't match pinned RSA/Ed key pairs
-------------------------------------------------+-------------------------
Reporter: teor | Owner: nickm
Type: defect | Status: closed
Priority: High | Milestone: Tor:
| 0.3.0.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-ed25519-proto, nickm- | implemented
deferred-20160905, review-group-15 | Actual Points:
Parent ID: | Points: 1
Reviewer: | Sponsor:
| SponsorU-can
-------------------------------------------------+-------------------------
Comment (by teor):
Just a reminder for when we deploy this code:
Has anyone checked that each directory authority's current key pairs are
pinned consistently by every other directory authority?
When we ran into this issue in the test network, I had to delete the RSA
and ed keys for the broken authority, and regenerate them (and then we had
to update all the torrc authority lines). If this happened in the public
network, we would have to update the tor source code.
When the first authority deploys this code, we'll find some
inconsistencies, but it will take a majority of authorities (ideally with
consistent pairings) to affect the consensus.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18319#comment:33>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs