Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#10162 closed enhancement (fixed)

Make dir-key-crosscert mandatory

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: 0.2.5.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-client 024-backport
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In proposal 157, we added a cross-certification element for directory authority certificates. We implemented it in 0.2.1.9-alpha. All Tor directory authorities now generate it. We should, as planned, make it required, so that we can finally close proposal 157 as done.

Child Tickets

Change History (4)

comment:1 Changed 6 years ago by nickm

Status: newneeds_review

See branch "finish_prop157" in my public Tor repository, and the corresponding "finish_prop157" in my public torspec repository. This a very simple change.

comment:2 Changed 6 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merging!

comment:3 Changed 6 years ago by arma

moria1 when restarted complained

Nov 19 00:25:21.639 [warn] Parse error: missing dir-key-crosscert element.
Nov 19 00:25:21.639 [warn] Error tokenizing key certificate
Nov 19 00:25:21.643 [warn] Couldn't load all cached v3 certificates. Starting anyway.

hopefully this is normal and expected, but figured I should say it in case it made you uncomfortable.

comment:4 Changed 6 years ago by nickm

I'm guessing that's from an extremely old certificate you've still got around somehow?

Note: See TracTickets for help on using tickets.