[or-cvs] r17528: {tor} Merge proposal 136 into dir-spec.txt. We need to get better (in tor/trunk/doc/spec: . proposals)

nickm at seul.org
Tue Dec 9 13:57:24 UTC 2008


Author: nickm
Date: 2008-12-09 08:57:23 -0500 (Tue, 09 Dec 2008)
New Revision: 17528

Modified:
   tor/trunk/doc/spec/dir-spec.txt
   tor/trunk/doc/spec/proposals/000-index.txt
   tor/trunk/doc/spec/proposals/136-legacy-keys.txt
Log:
Merge proposal 136 into dir-spec.txt.  We need to get better about doing this.

Modified: tor/trunk/doc/spec/dir-spec.txt
===================================================================
--- tor/trunk/doc/spec/dir-spec.txt	2008-12-09 06:29:15 UTC (rev 17527)
+++ tor/trunk/doc/spec/dir-spec.txt	2008-12-09 13:57:23 UTC (rev 17528)
@@ -909,6 +909,18 @@
         server's administrator.  Administrators should include at least an
         email address and a PGP fingerprint.
 
+    "legacy-key" SP FINGERPRINT NL
+
+        [At most once]
+
+        Lists a fingerprint for an obsolete _identity_ key still used
+        by this authority to keep older clients working.  This option
+        is used to keep key around for a little while in case the
+        authorities need to migrate many identity keys at once.
+        (Generally, this would only happen because of a security
+        vulnerability that affected multiple authorities, like the
+        Debian OpenSSL RNG bug of May 2008.)
+
    The authority section of a consensus contains groups the following items,
    in the order given, with one group for each authority that contributed to
    the consensus, with groups sorted by authority identity digest:
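Review bot: In the added "legacy-key" description, "is used to keep key around" is missing an article and leaves it unclear which key is meant; suggest "is used to keep an old identity key around for a little while". The item also gives no encoding for FINGERPRINT and does not say how long an authority should go on listing the obsolete key, so either state both here or point to the place in the spec that defines them.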
@@ -1176,7 +1188,12 @@
      The authority item groups (dir-source, contact, fingerprint,
      vote-digest) are taken from the votes of the voting
      authorities. These groups are sorted by the digests of the
-     authorities identity keys, in ascending order.
+     authorities identity keys, in ascending order.  If the consensus
+     method is 3 or later, a dir-source line must be included for
+     every vote with legacy-key entry, using the legacy-key's
+     fingerprint, the voter's ordinary nickname with the string
+     "-legacy" appended, and all other fields as from the original
+     vote's dir-source line.
 
      A router status entry:
         * is included in the result if some router status entry with the same
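Review bot: The sentence added to the authority item groups paragraph does not say where the generated entry goes. The groups are sorted by the digests of the authorities' identity keys, but it is not stated whether the "-legacy" dir-source line is sorted under the legacy-key's fingerprint or kept beside the voter's own group. It also names only a dir-source line, while the groups listed just above are (dir-source, contact, fingerprint, vote-digest), so say explicitly whether contact and vote-digest are omitted for the legacy entry. Minor: "with legacy-key entry" should read "with a legacy-key entry".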

Modified: tor/trunk/doc/spec/proposals/000-index.txt
===================================================================
--- tor/trunk/doc/spec/proposals/000-index.txt	2008-12-09 06:29:15 UTC (rev 17527)
+++ tor/trunk/doc/spec/proposals/000-index.txt	2008-12-09 13:57:23 UTC (rev 17528)
@@ -58,7 +58,7 @@
 133  Incorporate Unreachable ORs into the Tor Network [DRAFT]
 134  More robust consensus voting with diverse authority sets [ACCEPTED]
 135  Simplify Configuration of Private Tor Networks [FINISHED]
-136  Mass authority migration with legacy keys [FINISHED]
+136  Mass authority migration with legacy keys [CLOSED]
 137  Keep controllers informed as Tor bootstraps [CLOSED]
 138  Remove routers that are not Running from consensus documents [CLOSED]
 139  Download consensus documents only when it will be trusted [CLOSED]
@@ -121,7 +121,6 @@
    111  Prioritizing local traffic over relayed traffic
    128  Families of private bridges
    135  Simplify Configuration of Private Tor Networks
-   136  Mass authority migration with legacy keys
  CLOSED:
    101  Voting on the Tor Directory System
    102  Dropping "opt" from the directory format
@@ -140,6 +139,7 @@
    126  Getting GeoIP data and publishing usage summaries
    129  Block Insecure Protocols by Default
    130  Version 2 Tor connection protocol
+   136  Mass authority migration with legacy keys
    137  Keep controllers informed as Tor bootstraps
    138  Remove routers that are not Running from consensus documents
    139  Download consensus documents only when it will be trusted

Modified: tor/trunk/doc/spec/proposals/136-legacy-keys.txt
===================================================================
--- tor/trunk/doc/spec/proposals/136-legacy-keys.txt	2008-12-09 06:29:15 UTC (rev 17527)
+++ tor/trunk/doc/spec/proposals/136-legacy-keys.txt	2008-12-09 13:57:23 UTC (rev 17528)
@@ -2,7 +2,7 @@
 Title: Mass authority migration with legacy keys
 Author: Nick Mathewson
 Created: 13-May-2008
-Status: Finished
+Status: Closed
 Implemented-In: 0.2.0.x
 
 Overview:


