[tor-bugs] #11454 [Tor]: If two auth certs are both old but were generated nearby in time, we keep both
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Apr 9 05:49:00 UTC 2014
#11454: If two auth certs are both old but were generated nearby in time, we keep
both
--------------------+------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.6.x-final
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: | Points:
--------------------+------------------------------------
In trusted_dirs_remove_old_certs() we check if
{{{
(cert_published + OLD_CERT_LIFETIME < newest_published)) {
}}}
when deciding whether to discard an old cert from our cache.
We don't check it at all with respect to current time.
So if an authority generates a signing key in January, and then generates
ten more signing keys within a week, and now it's April, we'll still keep
all of them until they expire or until a new signing key shows up that's
more than 7 days newer than them.
This cannot be the right logic.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11454>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list