[tor-dev] Implications of openssl bug on directory authorities

Part one: Facts as I understand them There are 9 directory authorities, and clients only believe a consensus networkstatus if it's signed by a majority (5) of them. Two (moria1 and urras) of the directory authorities were unaffected by the openssl bug, and

Re: [tor-dev] Implications of openssl bug on directory authorities

On Wed, Apr 9, 2014 at 5:49 AM, Roger Dingledine a...@mit.edu wrote: [...] Anybody have a plan 3? Update the client and server code to explicitly blacklist the old signing keys, and design a better key revocation mechanism for the next time, in case there is a next time? -- Nick

Re: [tor-dev] How to run a headless second Firefox instance?

On 09/04/14 07:29, David Fifield wrote: It gets the job done, but it sucks because the first thing you see is the dialog and you have to know not to close it. Is there a way to accomplish the same thing (keep the browser running, but don't show a browser window) without raising a conspicuous

Re: [tor-dev] How to run a headless second Firefox instance?

On 09/04/14 16:31, Ximin Luo wrote: On 09/04/14 07:29, David Fifield wrote: It gets the job done, but it sucks because the first thing you see is the dialog and you have to know not to close it. Is there a way to accomplish the same thing (keep the browser running, but don't show a browser

Re: [tor-dev] How to run a headless second Firefox instance?

On Wed, Apr 09, 2014 at 04:31:57PM +0100, Ximin Luo wrote: On 09/04/14 07:29, David Fifield wrote: It gets the job done, but it sucks because the first thing you see is the dialog and you have to know not to close it. Is there a way to accomplish the same thing (keep the browser running,

Re: [tor-dev] How to run a headless second Firefox instance?

Is there a way to accomplish the same thing (keep the browser running, but don't show a browser window) without raising a conspicuous dialog? Selenium seems to use xvfb as a virtual display. There's also a new nsIAppShellService::createWindowslessBrowser(), but I don't think that's ready.

Re: [tor-dev] Proposal 230: How to change RSA1024 relay identity keys

On Tue, Apr 8, 2014 at 2:15 PM, Nicholas Hopper hop...@cs.umn.edu wrote: To clarify here: does router[s] descriptors signed by the old identity include the old-id field? That is, in case an identity key is compromised is there a race to claim the old-id mapping? If not, how should the

[tor-dev] updated two tor-spec proposals

The URLs are the same. They are: (1) http://dl.dropbox.com/u/3308162/230-quicken-tor2web-mode.txt (2) http://dl.dropbox.com/u/3308162/231-remittance-addresses.txt I clarified them a bit and corrected the formatting. Previously people asked for more details such as what other specs will be