[or-cvs] r17528: {tor} Merge proposal 136 into dir-spec.txt. We need to get better (in tor/trunk/doc/spec: . proposals)
nickm at seul.org
nickm at seul.org
Tue Dec 9 13:57:24 UTC 2008
Author: nickm
Date: 2008-12-09 08:57:23 -0500 (Tue, 09 Dec 2008)
New Revision: 17528
Modified:
tor/trunk/doc/spec/dir-spec.txt
tor/trunk/doc/spec/proposals/000-index.txt
tor/trunk/doc/spec/proposals/136-legacy-keys.txt
Log:
Merge proposal 136 into dir-spec.txt. We need to get better about doing this.
Modified: tor/trunk/doc/spec/dir-spec.txt
===================================================================
--- tor/trunk/doc/spec/dir-spec.txt 2008-12-09 06:29:15 UTC (rev 17527)
+++ tor/trunk/doc/spec/dir-spec.txt 2008-12-09 13:57:23 UTC (rev 17528)
@@ -909,6 +909,18 @@
server's administrator. Administrators should include at least an
email address and a PGP fingerprint.
+ "legacy-key" SP FINGERPRINT NL
+
+ [At most once]
+
+ Lists a fingerprint for an obsolete _identity_ key still used
+ by this authority to keep older clients working. This option
+ is used to keep key around for a little while in case the
+ authorities need to migrate many identity keys at once.
+ (Generally, this would only happen because of a security
+ vulnerability that affected multiple authorities, like the
+ Debian OpenSSL RNG bug of May 2008.)
+
The authority section of a consensus contains groups the following items,
in the order given, with one group for each authority that contributed to
the consensus, with groups sorted by authority identity digest:
@@ -1176,7 +1188,12 @@
The authority item groups (dir-source, contact, fingerprint,
vote-digest) are taken from the votes of the voting
authorities. These groups are sorted by the digests of the
- authorities identity keys, in ascending order.
+ authorities identity keys, in ascending order. If the consensus
+ method is 3 or later, a dir-source line must be included for
+ every vote with legacy-key entry, using the legacy-key's
+ fingerprint, the voter's ordinary nickname with the string
+ "-legacy" appended, and all other fields as from the original
+ vote's dir-source line.
A router status entry:
* is included in the result if some router status entry with the same
Modified: tor/trunk/doc/spec/proposals/000-index.txt
===================================================================
--- tor/trunk/doc/spec/proposals/000-index.txt 2008-12-09 06:29:15 UTC (rev 17527)
+++ tor/trunk/doc/spec/proposals/000-index.txt 2008-12-09 13:57:23 UTC (rev 17528)
@@ -58,7 +58,7 @@
133 Incorporate Unreachable ORs into the Tor Network [DRAFT]
134 More robust consensus voting with diverse authority sets [ACCEPTED]
135 Simplify Configuration of Private Tor Networks [FINISHED]
-136 Mass authority migration with legacy keys [FINISHED]
+136 Mass authority migration with legacy keys [CLOSED]
137 Keep controllers informed as Tor bootstraps [CLOSED]
138 Remove routers that are not Running from consensus documents [CLOSED]
139 Download consensus documents only when it will be trusted [CLOSED]
@@ -121,7 +121,6 @@
111 Prioritizing local traffic over relayed traffic
128 Families of private bridges
135 Simplify Configuration of Private Tor Networks
- 136 Mass authority migration with legacy keys
CLOSED:
101 Voting on the Tor Directory System
102 Dropping "opt" from the directory format
@@ -140,6 +139,7 @@
126 Getting GeoIP data and publishing usage summaries
129 Block Insecure Protocols by Default
130 Version 2 Tor connection protocol
+ 136 Mass authority migration with legacy keys
137 Keep controllers informed as Tor bootstraps
138 Remove routers that are not Running from consensus documents
139 Download consensus documents only when it will be trusted
Modified: tor/trunk/doc/spec/proposals/136-legacy-keys.txt
===================================================================
--- tor/trunk/doc/spec/proposals/136-legacy-keys.txt 2008-12-09 06:29:15 UTC (rev 17527)
+++ tor/trunk/doc/spec/proposals/136-legacy-keys.txt 2008-12-09 13:57:23 UTC (rev 17528)
@@ -2,7 +2,7 @@
Title: Mass authority migration with legacy keys
Author: Nick Mathewson
Created: 13-May-2008
-Status: Finished
+Status: Closed
Implemented-In: 0.2.0.x
Overview:
More information about the tor-commits
mailing list