Opened 16 years ago

Closed 21 months ago

#39 closed defect (wontfix)

Certificate rotation sometimes does not happen.

Reported by: weasel Owned by: nickm
Priority: Low Milestone:
Component: Mixminion-Server Version: 0.0.7
Severity: Normal Keywords:
Cc: weasel Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by arma)

[Moved from bugzilla]
Reporter: nickm@… (Nick Mathewson)

Opened: 2004-06-06 21:54

Sometimes, Mixminion servers become inoperable because they do not rotate their TLS certificates when they expire.

The cause for this bug is unknown. The bug has existed since at least 0.0.6.

You can tell that *another* server has come down with this bug because your log says something like:

Jun 06 00:55:08.643 -0400 [WARN] Certificate error: Invalid certificate from 'lakshmi' at (fd 9):
Certificate has expired [at Jun 6 00:05:00 2004 GMT]. Shutting down connection.

There are no such obvious signs on the failing server side, AFAIK.

As a band-aid, I could make TLS certificates get roatated daily, no matter what. (Right now, their rotation interval is tied to
packet key rotation.) This is probably the right thing to do, but before I do it, I want to understand why on earth it is happening.

Actually, the diagnosis may be completely wrong. Looking at, it seems like (by default)
certificates only have 5 minutes of sloppiness on either side of their lifetime. Thus, if anybody is
skewed by more than 5 minutes, their certificate will be invalid for the amount of their clock skew.

Hm... I'll up the interval for now, but I really need a way to detect relative skew.

I think I might have it nailed now -- I changed the code to warn about clock skew when it downloads a directory, bumped up the
skew tolerance, and rewrote the event scheduling code to be less clever and more obviously reliable. I also improved the warning
messages so we can find out how badly expired certs are expired.

If anybody sees this problem when running CVS code, please let me know.

[Automatically added by flyspray2trac: Operating System: All]

Child Tickets

Change History (2)

comment:1 Changed 3 years ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:2 Changed 21 months ago by arma

Description: modified (diff)
Resolution: Nonewontfix
Status: assignedclosed

mixminion is dead; long live mixminion

Note: See TracTickets for help on using tickets.