On Tue, Apr 08, 2014 at 04:35:39PM +0100, mick wrote:
> Moritz Bartl <moritz@torservers.net> allegedly wrote:
> > Yes. You made it generate new keys, so it is a "new relay" as far as Tor is concerned. This is why not everybody should generate new keys immediately, especially larger relays. But don't worry too much, you'll get your flags back eventually. :)
>
> But Roger's blog post makes no mention of the advisability (or otherwise) of a mass re-generation of keys. All it says is that best practice states this would be a good idea.

The first iteration of my blog post said something like "if you run many fast and stable relays, consider spreading out your relay identity key replacement over the next week so we don't unbalance the network."
But I removed that sentence a little while later, when it became clear that nobody knows for sure but quite possibly an attacker could have extracted key material from vulnerable relays. If that actually happened, I think we probably want new identity keys asap, *especially* from the big relays, and we'll be happier tolerating a couple of bumpy days while the network recovers.

Fun times,
--Roger