[tor-bugs] #2665 [Tor Relay]: Create a dirauth rotation procedure

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Mon Mar 7 00:57:29 UTC 2011


#2665: Create a dirauth rotation procedure
-----------------------+----------------------------------------------------
 Reporter:  mikeperry  |          Owner:       
     Type:  task       |         Status:  new  
 Priority:  normal     |      Milestone:       
Component:  Tor Relay  |        Version:       
 Keywords:             |         Parent:  #2664
   Points:             |   Actualpoints:       
-----------------------+----------------------------------------------------
Description changed by mikeperry:

Old description:

> We have the technical ability right now to rotate up to n-1 of the
> directory authorities to new IP addresses, with new intermediate keys by
> updating torrc files of the other dirauths. So long as at least one
> directory authority remains listening on its old IP address and is aware
> of the other directory authorities' new locations, it should still be
> possible to both produce a consensus and distribute it to new clients.
>
> We should clearly document this procedure so we can execute it quickly if
> the Tor directory authorities fall victim to a DoS or widespread
> compromise.
>
> We should also consider altering client bundles to ship with a reduced
> consensus or descriptor set of ultra high-uptime directory mirrors, so
> that in the future we can rotate all n directory authorities without
> issue.

New description:

 We have the technical ability right now to rapidly rotate up to n-1 of the
 directory authorities to new IP addresses and new intermediate keys,
 simply by updating torrc files of dirauths. So long as at least one
 directory authority remains listening on its old IP address and is aware
 of the other directory authorities' new locations, it should still be
 possible to both produce a consensus and distribute it to new clients.

 We should clearly document this procedure so we can execute it quickly if
 a majority of the Tor directory authorities fall victim to a DoS or
 compromise.

 We should also consider altering client bundles to ship with a reduced
 consensus or descriptor set of ultra high-uptime directory mirrors, so
 that in the future we can rotate all n directory authorities without
 issue.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2665#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online