Dirauths must support multiple relay identity keys at once
As discussed on [https://blog.torproject.org/blog/openssl-bug-cve-2014-0160], directory authorities must rotate their relay identity keys in order to recover from possible exposure due to the ‘Heartbleed’ bug. (A dirauth's relay identity key could be used by a MITM attacker to feed clients an outdated consensus, for example.)
There are two requirements in order to do this without causing a network meltdown:
- A dirauth must be able to sign relay descriptors using multiple relay identity keys at once.
- A dirauth must be able to operate multiple ORPorts at once, with (possibly) different relay identity keys.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information