[tor-relays] Heartbleed" Exchange of keys now or later?
Sebastian Urbach
sebastian at urbach.org
Wed Apr 9 14:26:18 UTC 2014
Hi,
I recall that Roger Dingledine pointed out that this is a stress situation
for the whole network, but the flags should be in order in just a few days
time.
Better to update OpenSSL right now, discard everything in /keys and wait
for the recovery. I expect that the vast majority of the systems should be
back to business as usual in about 2-3 days.
After updating the OpenSSL, I chopped our relay's keys at noon EST
yesterday. The traffic has indeed collapsed since then. Old configuration
was averaging around 55Mb/s per my Cacti. A URL here:
https://atlas.torproject.org/#details/566B0F92197A9D855846E68D2AEEF8266B147D35
This morning my Cacti graphs say it is still sitting at near nothing, like
1.5Mb. "arm" says between 500-600Kb/s. The new URL is here and at least at
this time, you can really see the dropoff in the 3-day graph.
https://atlas.torproject.org/#details/30C19B81981F450C402306E2E7CFB6C3F79CB6B2
I wonder how long it will take our relays to recover?
I wonder if it is a good idea, or technically feasible, to do a one time
kick-over of something in the Tor network so that the system sees what the
relay flags etc. should be on these emergency-redefined relays. Certainly
if everyone updated at once and the traffic died like this everywhere, Tor
would be pretty messed.
_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
More information about the tor-relays
mailing list