Closed (moved)
networkstatus_check_consensus_signature() shouldn't warn because of missing certs
View options
networkstatus_check_consensus_signature() shouldn't warn because of missing certs
View options
If you're first bootstrapping and enough of your certificate downloads fail at least twice, you might see something like:
A consensus needs 5 good signatures from recognized authorities for us to accept it. This one has 0 (). It has 1 signatures from authorities we don't recognize. We were unable to check 7 of the signatures, because we were missing the keys.
That's not too helpful, especially to a new user.
From IRC, with irrelevant stuff omitted:
19:45 < armadev> if it warns about a consensus that it might not warn about
once it has certs, and once it gets certs it checks again, it
seems that the warn is a bug
19:47 <@nickm> armadev: Hm. You're saying that if we can't verify the
consensus, and missing certs might enable us to do so, the
warnings should instead be "Hey I've tried to download
certificates and it didn't work yet, trying more?"
19:47 <@nickm> or no warning
19:48 < armadev> i was saying no warning
19:49 < armadev> assuming we later warn if we fail to fetch the certs we
wanted, and we warn if we later don't like the consensus we
can now check
19:50 <@nickm> sounds okay. May I copy+paste some of the stuff you've said to
make a new ticket, or do you want to open one?
19:50 < armadev> go for it
19:51 < armadev> this is especially relevant because the case where you don't
have the certs yet means you're probably a new user starting
tor for the first time, nervously looking at the message log