Opened 19 months ago

Last modified 17 months ago

#25203 new enhancement

document max. value of SigningKeyLifetime

Reported by: cypherpunks
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version:
Severity: Minor
Keywords: easy, tor-doc, 034-triage-20180328, 034-removed-20180328
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

tor's manpage says:

SigningKeyLifetime N days|weeks|months
For how long should each Ed25519 signing key be valid? Tor uses a permanent master identity key that can be kept
offline, and periodically generates new "signing" keys that it uses online. This option configures their lifetime.
(Default: 30 days)

It does not include information about what is the biggest acceptable value. Tor simply fails to start if the given value is too big:

[warn] Interval 'XX months' is too long
[warn] Failed to parse/validate config: Interval 'SigningKeyLifetime XX months' is malformed or out of bounds.

Please also mention if there is a value for SigningKeyLifetime where it is actually less safe than running in non-OfflineMasterKey mode (maybe it is less safe to set it to 10y in OfflineMasterKey mode than to run in non-OfflineMasterKey mode?) and if it makes any sense to modify this value in non-OfflineMasterKey mode (because that is apparently possible).

Change History (4)

comment:1 Changed 18 months ago by nickm

Milestone: Tor: 0.3.3.x-final → Tor: 0.3.4.x-final

So, the "malformed or out of bounds" warning seems to happen if you specify *any* interval that's over INT_MAX seconds long [approx 68 years]. I don't know whether it makes more sense to document that as a maximum for all the various intervals, or whether it makes more sense to treat super-long intervals for stuff like SigningKeyLifetime as meaning "forever".

I don't have easy answers for the other questions; does anyone else?
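
An added example, not part of the ticket and not Tor's own code: a pre-flight check an operator could run on a `SigningKeyLifetime` value, rejecting anything longer than INT_MAX seconds as comment:1 describes. The function name `check_interval`, its return codes, and the unit lengths (a month taken as 30 days) are assumptions, and only the three unit spellings from the manpage excerpt are accepted.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed unit lengths in seconds; a month is taken as 30 days here,
 * which may differ from the table Tor itself uses. */
static const struct { const char *name; uint64_t secs; } UNITS[] = {
  { "days", 86400 }, { "weeks", 604800 }, { "months", 2592000 },
};

/* Parse "N days|weeks|months" into seconds (hypothetical helper).
 * Returns 0 on success, -1 if malformed, -2 if over INT_MAX seconds. */
int check_interval(const char *s, int *out_secs)
{
  char *end;
  if (*s < '0' || *s > '9') return -1;      /* no sign, blank or empty */
  errno = 0;
  unsigned long long n = strtoull(s, &end, 10);
  if (errno == ERANGE) return -2;           /* count alone is too large */
  if (*end != ' ') return -1;
  while (*end == ' ') end++;
  for (size_t i = 0; i < sizeof(UNITS) / sizeof(UNITS[0]); i++) {
    if (strcmp(end, UNITS[i].name) != 0) continue;
    /* Bound the count by division so the product cannot overflow. */
    if (n > (uint64_t)INT_MAX / UNITS[i].secs) return -2;
    *out_secs = (int)(n * UNITS[i].secs);
    return 0;
  }
  return -1;                                /* unknown unit */
}

int main(void)
{
  /* Constructed sample values. */
  const char *samples[] = { "30 days", "828 months", "829 months", "10 years" };
  for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
    int secs = 0;
    int rc = check_interval(samples[i], &secs);
    if (rc == 0) printf("%-12s ok, %d seconds\n", samples[i], secs);
    else printf("%-12s %s\n", samples[i], rc == -2 ? "too long" : "malformed");
  }
  return 0;
}
```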

comment:2 Changed 17 months ago by nickm

Keywords: 034-triage-20180328 added

comment:3 Changed 17 months ago by nickm

Keywords: 034-removed-20180328 added

Per our triage process, these tickets are pending removal from 0.3.4.

comment:4 Changed 17 months ago by nickm

Milestone: Tor: 0.3.4.x-final → Tor: unspecified

These tickets, tagged with 034-removed-*, are no longer in-scope for 0.3.4. We can reconsider any of them, if time permits.