Changes between Initial Version and Version 1 of Ticket #16580


Ignore:
Timestamp:
Jul 14, 2015, 1:55:04 PM (4 years ago)
Author:
nickm
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #16580 – Description

    initial v1  
    33We should fix this before we release 0.2.7.2-alpha.
    44
    5 I see two options here.
     5I see ~~two~~four options here.
    66
    771. Make it okay to edit the key-pinning journal on a running Tor.  That's not so great; we need to be able to append to it, and editors may have swap-file races with it.
    882. Add a torrc option to unpin an existing key.  This would only need to be stuck into the torrc once; it would remove the pin, and allow a new key pin to occur.
     93. No fix; hope that this situation never happens again; tell the authoritiy ops to edit the keypinning file when they upgrade, or give them a script to do it.
     104. One-off fix: undo the pin in software for the two specific keypairs affected, and hope this never happens again.