View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0002266GNUnetGNSpublic2012-04-12 17:022012-11-05 18:34
Reporterschanzen Assigned Toschanzen  
PrioritynormalSeverityfeatureReproducibilityhave not tried
Status closedResolutionfixed 
Product VersionGit master 
Target Version0.9.4 
Summary0002266: GNS key revocation
DescriptionGNS zonekeys should be revocable. To do this we should simply remove all record from our local zone and then put a single record for +:

    name type value
RR: + REV NULL
This record needs to be put (into the DHT) via a CLI tool (maybe a cronjob)

The GNS service on any peer should then query the DHT periodically for all known PKEYs in the local zone and look for a REV entry. If one is found the zone will be purged. (This could be done by the namestore as well when it encounters this record data)
TagsNo tags attached.

Activities

schanzen

2012-06-19 20:41

administrator   ~0006108

Since periodically checking for revoked keys does not really have an avantage over doing this on the fly I implemented it like this:

When we encounter a PKEY delegation in the namestore we query for a "+" REV record. If none is found (no "+" record of any kind) we try to resolve using the PKEY and start a background lookup for +.
Some goes for expired "+" record UNLESS we find a REV in there. In that case we consider the zone as revoked.

Fixed in SVN

Issue History

Date Modified Username Field Change
2012-04-12 17:02 schanzen New Issue
2012-04-12 17:02 schanzen Status new => assigned
2012-04-12 17:02 schanzen Assigned To => schanzen
2012-04-18 13:14 Christian Grothoff Severity minor => feature
2012-05-03 01:21 Christian Grothoff Product Version => Git master
2012-05-03 01:21 Christian Grothoff Target Version => 0.9.4
2012-06-19 20:41 schanzen Note Added: 0006108
2012-06-19 20:41 schanzen Status assigned => resolved
2012-06-19 20:41 schanzen Resolution open => fixed
2012-11-05 18:34 Christian Grothoff Status resolved => closed