[tor-dev] proposal 240: Early signing key revocation for directory authorities.
Nick Mathewson
nickm at alum.mit.edu
Sun Jan 11 18:22:57 UTC 2015
On Sun, Jan 11, 2015 at 4:23 AM, Peter Palfrader <weasel at torproject.org> wrote:
> On Sat, 10 Jan 2015, Nick Mathewson wrote:
>
>> This proposal describes a simple way for directory authorities to
>> perform signing key revocation.
>>
>> 2. Specification
>>
>> We add the following lines to the authority signing certificate
>> format:
>>
>> revoked-signing-key SP algname SP FINGERPRINT NL
>
> Why not implictly revoke any previous signing key when we see a new,
> valid signing key certificate with a later published timestamp?
>
> It would appear to be simpler and require less state.
My main worry there is that it's possible to accidentally publish a
certificate in the far future. If we can prevent that from ever
happening, then we can probably just do what you suggest. Any
thoughts?
--
Nick
More information about the tor-dev
mailing list