[tor-bugs] #10324 [Tor]: Sign status documents with RSA2048
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Dec 12 03:40:37 UTC 2013
#10324: Sign status documents with RSA2048
-----------------------------+-----------------
Reporter: ln5 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+-----------------
Comment (by nickm):
0.2.0 is not actually supposed to work nowadays; the issue is that it
would be Bad Indeed if an 0.2.0 client responded to this change by
downloading a consensus and a set of certs over and over, rejecting the
consensus and the certs as invalid every time, and then downloading a new
set. A small set of zombie 0.2.0 clients would thereby put an unpleasant
amount of needless load on the network.
It's also not enough to test that 0.2.0 doesn't do this with the current
network; we really need to test that 0.2.0 doesn't have this failure mode
when confronted with a network containing *only* 2048-bit signing keys.
Otherwise, things might ''seem'' fine until we drop below 5 1024-bit keys
out of 9 and all hell breaks loose.
Other than that, it looks okay to me.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10324#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list