[tor-bugs] #24940 [Core Tor/Tor]: Make authorities post authority_certificate to other authorities
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jan 18 21:47:35 UTC 2018
#24940: Make authorities post authority_certificate to other authorities
-------------------------+-------------------------------------------------
Reporter: teor | Owner: (none)
Type: | Status: new
enhancement |
Priority: Medium | Milestone: Tor: 0.3.4.x-final
Component: Core | Version:
Tor/Tor | Keywords: tor-dirauth, tor-dirauth-offline,
Severity: Normal | needs-proposal-maybe
Actual Points: | Parent ID:
Points: 2 | Reviewer:
Sponsor: |
-------------------------+-------------------------------------------------
At the moment, offline authorities work, until their certificates expire.
They post their votes to other authorities, and fetch votes from other
authorities, and no-one needs to connect to them.
But when their certificates expire, no-one can get their new certificate,
because it's only available via a download from that authority.
(There's a hack that involves placing the new certificate in another
authorities cached certificates file. Which is not ok on the public
network.)
Let's make a way for offline authorities to post their certificates to
other authorities, and make all authorities do it when they have a new
certificate.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24940>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list