> On 6 Dec. 2016, at 10:32, David Goulet <[email protected]> wrote: > > On 06 Dec (10:09:57), teor wrote: >> >>> ... > >> >> Here's a suggested strategy: >> * at load time, validate the HS options as if v2 is the default, and >> validate them as if v3 is the default, and fail if either validation >> fails. >> * then, act on the HS options as if v2 is the default, and also act as >> if v3 is the default, and fail if either action fails. >> (We need to do this because we don't discover some option issues >> until runtime, such as whether the directory can be created.) >> * then, when each consensus is downloaded, publish whichever descriptor >> is the default in the consensus (if the HS config does not specify >> a specific version). > > This is a reasonable way to proceed considering we use a consensus param to > know which version of default HS to create. I see this as more of an > engineering problem that can be solved. > > Which what I would like us to decide on if we think that consensus param > controlling the default version is a good idea or not. If we think yes, we can > pull it off, if not everything is simpler :). > > So just to be clear, I'm behind you on the concern of making sure we validate > the options on launch instead of failing at consensus download. There are ways > we can address that like you outlined above.
Yes, I think it is possible, and a better outcome than baking a protocol default into the first release we want to use it in. As long as you are willing to put in the extra dev and test effort! T -- Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------ _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
