[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #16530 [Tor]: uploaded a descriptor with a Ed25519 key but the <rsa, ed25519> keys don't match what they were before.
#16530: uploaded a descriptor with a Ed25519 key but the <rsa,ed25519> keys don't
match what they were before.
-------------------------+--------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: blocker | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-auth
Actual Points: | Parent ID:
Points: |
-------------------------+--------------------------------
Changes (by nickm):
* priority: normal => blocker
Comment:
This means that your authority believes that these two routers previously
had different Ed25519 keys to go with their RSA identity keys, and they
changed them. So it's rejecting the descriptors as hopeless.
Dgoulet ran into this on his relay.
There are a few possible explanations:
1. The operators of these routers accidentally deleted or replaced
ed25519 keys somehow. (''If this is the case, we should make these
accidents much harder to trigger.'')
2. There's a bug in the relay code that deletes or replaces the ed25519
key without the relay operator knowing. (''If this is the case, we need to
fix this before releasing 0.2.7.2-alpha or relays will fall off the
network'')
3. There's a bug in the authority key-pinning code that makes us think
the key changed when it didn't. (''If this is the case, we need to fix it
before too many authorities upgrade, or they will kick all the >=
0.2.7.2-alpha relays off the network'')
I'm calling this a blocker on 0.2.7.2-alpha, in case it's case 2 or case
3.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16530#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs