aboutsummaryrefslogtreecommitdiff
path: root/doc/dir-spec.txt
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2005-01-21 08:20:01 +0000
committerRoger Dingledine <arma@torproject.org>2005-01-21 08:20:01 +0000
commit01cd23ef628cf0ff96743b04b18fb8573327d3fe (patch)
tree9a3369685f625609de04e6543940feca84a9ea37 /doc/dir-spec.txt
parentd4d131cc832818010bff04c1d5bf1e176b49520a (diff)
downloadtor-01cd23ef628cf0ff96743b04b18fb8573327d3fe.tar
tor-01cd23ef628cf0ff96743b04b18fb8573327d3fe.tar.gz
a few more thoughts about seeds
svn:r3399
Diffstat (limited to 'doc/dir-spec.txt')
-rw-r--r--doc/dir-spec.txt8
1 files changed, 6 insertions, 2 deletions
diff --git a/doc/dir-spec.txt b/doc/dir-spec.txt
index 32e71f92f..0c349a515 100644
--- a/doc/dir-spec.txt
+++ b/doc/dir-spec.txt
@@ -106,8 +106,12 @@ Piece two: (optional)
and not fingerprints, it also means that dirservers can rotate their
signing keys transparently.
- But, keeping track of the seed keys becomes a critical security issue;
- and rotating them in a backward-compatible way adds complexity.
+ But, keeping track of the seed keys becomes a critical security issue.
+ And rotating them in a backward-compatible way adds complexity. Also,
+ dirserver locations must be at least somewhere static, since each lost
+ dirserver degrades reachability for old clients. So as the dirserver
+ list rolls over we have no choice but to put out new versions.
+
Piece three: (optional)