GitLab

As discussed on [https://blog.torproject.org/blog/openssl-bug-cve-2014-0160], directory authorities must rotate their relay identity keys in order to recover from possible exposure due to the ‘Heartbleed’ bug. (A dirauth's relay identity key could be used by a MITM attacker to feed clients an outdated consensus, for example.)

There are two requirements in order to do this without causing a network meltdown:

• A dirauth must be able to sign relay descriptors using multiple relay identity keys at once.
• A dirauth must be able to operate multiple ORPorts at once, with (possibly) different relay identity keys.