[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] proposal 240: Early signing key revocation for directory authorities.



On Sun, Jan 11, 2015 at 4:23 AM, Peter Palfrader <weasel@xxxxxxxxxxxxxx> wrote:
> On Sat, 10 Jan 2015, Nick Mathewson wrote:
>
>>    This proposal describes a simple way for directory authorities to
>>    perform signing key revocation.
>>
>> 2. Specification
>>
>>    We add the following lines to the authority signing certificate
>>    format:
>>
>>      revoked-signing-key SP algname SP FINGERPRINT NL
>
> Why not implictly revoke any previous signing key when we see a new,
> valid signing key certificate with a later published timestamp?
>
> It would appear to be simpler and require less state.

My main worry there is that it's possible to accidentally publish a
certificate in the far future.  If we can prevent that from ever
happening, then we can probably just do what you suggest.  Any
thoughts?

-- 
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev