On 6 Dec. 2016, at 10:32, David Goulet dgoulet@ev0ke.net wrote:
On 06 Dec (10:09:57), teor wrote:
...
Here's a suggested strategy:
- at load time, validate the HS options as if v2 is the default, and
validate them as if v3 is the default, and fail if either validation fails.
- then, act on the HS options as if v2 is the default, and also act as
if v3 is the default, and fail if either action fails. (We need to do this because we don't discover some option issues until runtime, such as whether the directory can be created.)
- then, when each consensus is downloaded, publish whichever descriptor
is the default in the consensus (if the HS config does not specify a specific version).
This is a reasonable way to proceed considering we use a consensus param to know which version of default HS to create. I see this as more of an engineering problem that can be solved.
Which what I would like us to decide on if we think that consensus param controlling the default version is a good idea or not. If we think yes, we can pull it off, if not everything is simpler :).
So just to be clear, I'm behind you on the concern of making sure we validate the options on launch instead of failing at consensus download. There are ways we can address that like you outlined above.
Yes, I think it is possible, and a better outcome than baking a protocol default into the first release we want to use it in.
As long as you are willing to put in the extra dev and test effort!
T