On 12/17/13 10:31 PM, Nick Mathewson wrote:
165 Easy migration for voting authority sets
This is a design for how to change the set of authorities without having a flag day where the authority operators all reconfigure their authorities at once. It needs more discussion. One difficulty here is that we aren't talking much about changing the set of authorities, but that may be a chicken-and-egg issue, since changing the set is so onerous. If anybody is interested, it would be great to move the discussion ahead here. (5/2011)
Hi Nick,
(just in case you're wondering, I'm going through all proposals in your list that have to do with the directory protocol and try to review them)
Proposal 165 looks like a fine idea, and the algorithm looks plausible to me. I'd say let's do it!
So, what discussion would you want to see here? Are you hoping for some kind of "proof" that the suggested algorithm cannot break under certain assumptions? I don't know how to write one. But this could be a fine question for a grad student or researcher. For example, a few days ago we have been asked for research questions for small doctoral projects, and this could be a fine topic.
Or did you expect to hear from current and prospective authority operators? As a former authority operator I can say that I'd really have appreciated a two-phase process where everyone first configures a second voting set and then removes the first voting set.
Or were you hoping for somebody to implement the proposal? Doesn't seem terribly difficult, so maybe we'd find somebody if we created a Trac ticket for it.
Here's some feedback, though nothing really important:
- Branch prop165tweaks in my public torspec repository has a few tweaks.
- You say in "Migration issues" that we should keep track somewhere which Tor client versions recognized which authorities. Would it be sufficient to write a little shell script that searches the git history of config.c for changes to trusted authorities and prints out which tags first contained those commits.
Let me know if I can help with anything here.
All the best, Karsten