[tor-dev] proposal 240: Early signing key revocation for directory authorities.

Peter Palfrader weasel at torproject.org
Sun Jan 11 19:18:07 UTC 2015


On Sun, 11 Jan 2015, Nick Mathewson wrote:

> On Sun, Jan 11, 2015 at 4:23 AM, Peter Palfrader <weasel at torproject.org> wrote:
> > On Sat, 10 Jan 2015, Nick Mathewson wrote:
> >
> >>    This proposal describes a simple way for directory authorities to
> >>    perform signing key revocation.
> >>
> >> 2. Specification
> >>
> >>    We add the following lines to the authority signing certificate
> >>    format:
> >>
> >>      revoked-signing-key SP algname SP FINGERPRINT NL
> >
> > Why not implicitly revoke any previous signing key when we see a new,
> > valid signing key certificate with a later published timestamp?
> >
> > It would appear to be simpler and require less state.
> 
> My main worry there is that it's possible to accidentally publish a
> certificate in the far future.  If we can prevent that from ever
> happening, then we can probably just do what you suggest.  Any
> thoughts?

That wouldn't be a valid certificate yet.  It would only become valid
after its published timestamp.

-- 
                           |  .''`.       ** Debian **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/
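
The implicit rule discussed in this thread, as an added example that is not part of the original messages or of Tor's code. It assumes every certificate has already passed signature checks and does not model the proposal's explicit revoked-signing-key line; the class name, function name and fingerprints are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

UTC = timezone.utc

@dataclass(frozen=True)
class SigningCert:
    fingerprint: str      # signing key fingerprint (constructed sample value)
    published: datetime   # dir-key-published
    expires: datetime     # dir-key-expires

def classify(certs, now):
    """Status of each signing key cert from one authority at time `now`.

    Implicit revocation: among certs valid at `now`, the one with the latest
    published time is active and every earlier one is treated as revoked.
    A cert whose published time is still in the future is not valid yet,
    so it revokes nothing until that time arrives.
    """
    valid = [c for c in certs if c.published <= now < c.expires]
    active = max(valid, key=lambda c: c.published, default=None)
    status = {}
    for c in certs:
        if c.published > now:
            status[c.fingerprint] = "not-yet-valid"
        elif now >= c.expires:
            status[c.fingerprint] = "expired"
        elif c is active:
            status[c.fingerprint] = "active"
        else:
            status[c.fingerprint] = "revoked"
    return status

# Constructed sample: a current key, its replacement, and a certificate
# accidentally published with a far-future timestamp.
SAMPLE = [
    SigningCert("OLD", datetime(2014, 6, 1, tzinfo=UTC), datetime(2015, 6, 1, tzinfo=UTC)),
    SigningCert("NEW", datetime(2015, 1, 10, tzinfo=UTC), datetime(2016, 1, 10, tzinfo=UTC)),
    SigningCert("FUTURE", datetime(2030, 1, 1, tzinfo=UTC), datetime(2031, 1, 1, tzinfo=UTC)),
]

if __name__ == "__main__":
    for when in (datetime(2015, 1, 11, tzinfo=UTC), datetime(2030, 1, 2, tzinfo=UTC)):
        print(when.date(), classify(SAMPLE, when))
```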

