Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 316
    • Issues 316
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 34
    • Merge requests 34
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #854
Closed
Open
Created Nov 08, 2008 by Trac@tracbot

Reducing an overload if certificates changed.

  1. Tor (caches) should not delete the old certificates as soon as a new received. In the current version the difference between the time of publications are usually more than 48 hours, except a rare cases.

  2. Client must request a certificates by signing key digest not identity, if a digest (from consensus) known and client wish to obtain it exactly. (If this does not entail additional risks)

  3. Client can trust a signature, for some a short period after certificate expired. This will reduce the risk of failure if the resulting consensus signed multiple keys, certificates that expired at the same time. Perhaps, authority directory also could continue this time to sign the consensus look for warning the owner.

  4. ...(your suggestion)

...

[Automatically added by flyspray2trac: Operating System: All]

Trac:
Username: rovv

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking