-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/09/15 18:16, Damian Johnson wrote:
Hi Karsten. Quick question: with the switchover are relay fingerprints going away? That is to say, server descriptors no longer have a...
fingerprint D203 4DDF 1275 A234 4F66 9935 A3EF B908 FFC7 AE9A
... line, and router status entries don't have it on their dir-source?
If not, what in particular are being dropped?
Cheers! -Damian
yes, I think that's the plan. Please see proposal 220, Sections 8 and 9 for some more details.
Thanks Karsten. Now that I know this isn't a completely foolish question adding tor-dev@ back in.
If we're dropping the fingerprint that's a lot more invasive. Fingerprints are relay's canonical identity, and simply dropping them will break... a lot. I'd suggest instead relays should continue to have a fingerprint but that it's the 40 character hex hash of the ed25519 identity.
It's true, dropping the fingerprint is quite invasive and might break things. But that's why we're making plans now to make this transition as smooth as possible.
However, I don't think that we can get away by just replacing the existing 20 byte long RSA key digest with a 20 byte long hash of the new, 32 byte long ed25519 key. There are probably cryptographic reasons for that. But in addition to that, there should be a time when relays use both fingerprints in parallel so that directory authorities and other tools can build a map from old to new identities. Otherwise, relays would lose all their history only because they are switching from RSA to ed25519, and wouldn't that be sad? There might be more reasons that I'm currently not thinking of. But: I'm not making this call, I'm just thinking about the possible impact of this change and which code needs to be updated.
How about we talk more about this in Berlin together with Nick? Maybe take a look at the list I wrote and think of other code that will need work when this change actually takes place?
All the best, Karsten
On a side note it would be nice to have a spec patch before changing things this time. Sections 8 and 9 are a fine summary, but it's not clear to me precisely how the descriptors are changing from it. They certainly don't say to me "we're dropping the fingerprint field". If that change went out without a spec patch first I'd borrow Mr. Potato Head's angry eyes to stare at its author.
Cheers! -Damian _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev