<div dir="ltr">I was going to ask something similar, and this sounds like the best kind of answer - 'you don't need to do anything' :D</div><div class="gmail_extra"><br><br><div class="gmail_quote">On 17 April 2014 17:05, Tobias Markus <span dir="ltr"><<a href="mailto:tobias@miglix.eu" target="_blank">tobias@miglix.eu</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
Hi,<br>
<br>
(Disclaimer: I am just a "regular" supporter and have no great<br>
in-depth knowledge about Tor internals.)<br>
<br>
there is a difference between a directory *authority* and a directory<br>
*mirror*. There are only 8 or so directory authorities in the Tor<br>
network which each give a "vote" on each relay. (E.g. Authority A<br>
thinks that Relay R should get the Running and Valid flag.)<br>
<br>
The posts above are from Tor senior contributors, some running a<br>
directory authority. Roger (Tor "founder") originally said that he<br>
recommends dirauths to reject (give no flags to relays in their votes<br>
and therefore throwing them out of the Tor network) relays affected by<br>
the Heartbleed bug.<br>
<br>
A directory mirror (a relay with the Directory Mirror option enabled)<br>
just mirrors the original votes by the dirauths. Because they are all<br>
cryptographically signed, any tampering you could do to the vote could<br>
be detected by clients. (Tor clients only trust votes signed by the<br>
dirauths' keys.)<br>
<br>
Correct me if I'm wrong! :D<br>
<div><div class="h5"><br>
On 04/17/2014 04:55 PM, Saint Aardvark the Carpeted wrote:<br>
> Roger Dingledine disturbed my sleep to write:<br>
>> On Wed, Apr 16, 2014 at 08:03:51PM -0700, Andrea Shepard wrote:<br>
>>>> <a href="http://charon.persephoneslair.org/~andrea/private/hb-fingerprints-20140417002500.txt" target="_blank">http://charon.persephoneslair.org/~andrea/private/hb-fingerprints-20140417002500.txt</a><br>
>>><br>
>>><br>
>>>><br>
The SHA-256 hash of that file, for the sake of stating it under a PGP<br>
>>> signature, is:<br>
>>><br>
>>> dadd2beca51d1d5cd7ffe7d3fe3a57200c7de7e136cad23b0691df2fbe84ee3f<br>
>><br>
>><br>
>>><br>
Thanks Andrea. 374 of the 380 lines from Sina's file overlap with yours.<br>
>><br>
>> I've moved moria1 to reject the union of the two lists.<br>
><br>
> As an ordinary Tor relay operator who's running a directory mirror,<br>
> is there anything I need to do for my Tor relay about this? I've<br>
> found this message from the mailing list from a couple years ago:<br>
><br>
> <a href="https://lists.torproject.org/pipermail/tor-talk/2011-October/021936.html" target="_blank">https://lists.torproject.org/pipermail/tor-talk/2011-October/021936.html</a><br>
><br>
> ...which seems to imply that the directory operators are separate,<br>
> and this is nothing I have to take action about. But I wanted to<br>
> make sure about this, as I couldn't find anything on the Tor FAQ.<br>
> Apologies if this is answered somewhere else.<br>
><br>
> Thanks, Hugh<br>
</div></div>-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v2.0.22 (GNU/Linux)<br>
<br>
iEYEARECAAYFAlNP+74ACgkQAO6N0EYmC9a3OgCgrwgZqo6BUGlD+DaYNPPHzWCc<br>
9XkAnRHN5klCU3w4PEuEm7vg0KDJfgZv<br>
=TQAH<br>
-----END PGP SIGNATURE-----<br>
<div class="HOEnZb"><div class="h5">_______________________________________________<br>
tor-relays mailing list<br>
<a href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><b>Dr Chris Whittleston 栗主</b><br>Department of Chemistry<br>University of Cambridge<br>Lensfield Road, Cambridge, CB2 1EW<br>Email: <a href="mailto:csw34@cam.ac.uk" target="_blank">csw34@cam.ac.uk</a><br>
Tel: +44 (0)1223 336423
</div>