[tor-relays] Heartbleed" Exchange of keys now or later?

Sebastian Urbach sebastian at urbach.org
Wed Apr 9 14:26:18 UTC 2014


I recall that Roger Dingledine pointed out that this is a stress situation 
for the whole network, but the flags should be in order in just a few days 

Better to update OpenSSL right now, discard everything in /keys and wait 
for the recovery. I expect that the vast majority of the systems should be 
back to business as usual in about 2-3 days.

After updating the OpenSSL, I chopped our relay's keys at noon EST 
yesterday. The traffic has indeed collapsed since then. Old configuration 
was averaging around 55Mb/s per my Cacti. A URL here:


This morning my Cacti graphs say it is still sitting at near nothing, like 
1.5Mb. "arm" says between 500-600Kb/s. The new URL is here and at least at 
this time, you can really see the dropoff in the 3-day graph.


I wonder how long it will take our relays to recover?

I wonder if it is a good idea, or technically feasible, to do a one time 
kick-over of something in the Tor network so that the system sees what the 
relay flags etc. should be on these emergency-redefined relays. Certainly 
if everyone updated at once and the traffic died like this everywhere, Tor 
would be pretty messed.

tor-relays mailing list
tor-relays at lists.torproject.org

More information about the tor-relays mailing list