Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#10162 closed enhancement (fixed)

Make dir-key-crosscert mandatory

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: 0.2.5.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-client 024-backport
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


In proposal 157, we added a cross-certification element for directory authority certificates. We implemented it in All Tor directory authorities now generate it. We should, as planned, make it required, so that we can finally close proposal 157 as done.

Child Tickets

Change History (4)

comment:1 Changed 7 years ago by nickm

Status: newneeds_review

See branch "finish_prop157" in my public Tor repository, and the corresponding "finish_prop157" in my public torspec repository. This a very simple change.

comment:2 Changed 7 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed


comment:3 Changed 7 years ago by arma

moria1 when restarted complained

Nov 19 00:25:21.639 [warn] Parse error: missing dir-key-crosscert element.
Nov 19 00:25:21.639 [warn] Error tokenizing key certificate
Nov 19 00:25:21.643 [warn] Couldn't load all cached v3 certificates. Starting anyway.

hopefully this is normal and expected, but figured I should say it in case it made you uncomfortable.

comment:4 Changed 7 years ago by nickm

I'm guessing that's from an extremely old certificate you've still got around somehow?

Note: See TracTickets for help on using tickets.