Offline directory authorities need a way to post their certificate to other authorities
We have wanted to be able to run (the signing parts of) a directory authority offline for a while, because it's more secure.
So I have been experimenting with an offline (ORPort and DirPort unreachable) directory authority on the test net.
Almost everything works: it posts votes, downloads votes from other authorities, signs consensuses, and posts its signature. It could easily do these things using a 3-hop Tor path.
But once its authority certificate expires, it has no way to post it to the other authorities.
A workaround is to overwrite another authority's cached-certs file with the missing authority certificate file. But this is nasty.
We should make authorities accept certificate posts, and post their certificates to one another.