[tor-bugs] #5598 [Tor Relay]: Generate DH groups asynchronously when we change TLS keys (was: Turn DynamicDHGroups off by default)
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun May 27 00:42:21 UTC 2012
#5598: Generate DH groups asynchronously when we change TLS keys
-------------------------+--------------------------------------------------
Reporter: rransom | Owner:
Type: enhancement | Status: new
Priority: major | Milestone:
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Changes (by mikeperry):
* priority: minor => major
Comment:
More seriously, rransom: would this retitling solve your problems?
We already rotate our TLS keys every two hours. Why not also rotate the DH
group then, too? If we did both at the same time, they shouldn't block the
control port like the DH one does, right? After all, TLS key generation
doesn't block... Haven't looked at the code for that bit yet, though...
Slightly more complicated fix, but it sounds more like the right one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5598#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list