Open masomel opened 7 years ago
how does an auditor obtain the directory's signing key?
Maybe this relates to #52.
For now, we have made the decision to pin each tracked server's keys (and initial STRs) in the auditor. This will require manual updating of auditor configurations, but we can enhance this feature once there are more auditors in the system.
Specifically: how does an auditor obtain the initial STR, the directory's prior history and the directory's signing key?
Potential solution: Assuming a directory `d` has a list of running auditors, whenever `d` generates a new `STR(t)`, it broadcasts `STR(t)` to all auditors in the list. If an auditor `a` observes an STR for `d` for the first time, `a` sends a request to `d` to obtain `d`'s prior STR history `[STR(0), STR(t-1)]` and `d`'s signing key. `a` then verifies `d`'s prior history, as well as the STR(t) it observed. If these verifications pass, `a` stores `d`'s STR history. At the next epoch when `d` broadcasts `STR(t+1)`, `a` then verifies the STR hash chain as usual.
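The history check discussed in this issue, combined with the pinned key and pinned initial STR from the comment above, as an added Go sketch that is not part of the original thread and not the project's code. The `STR` struct, its field layout, the choice of Ed25519 and SHA-256, and the names `newSTR` and `verifyHistory` are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// STR is a simplified, hypothetical signed tree root (not the CONIKS wire format).
type STR struct {
	Epoch          uint64
	PrevHash, Root [32]byte // PrevHash is all zero at epoch 0
	Sig            []byte   // Ed25519 signature over signedBytes()
}

func (s *STR) signedBytes() []byte {
	b := binary.BigEndian.AppendUint64(nil, s.Epoch)
	return append(append(b, s.PrevHash[:]...), s.Root[:]...)
}

func (s *STR) hash() [32]byte { return sha256.Sum256(append(s.signedBytes(), s.Sig...)) }

// newSTR is the directory side: chain to prev (nil at epoch 0) and sign.
func newSTR(priv ed25519.PrivateKey, prev *STR, root [32]byte) *STR {
	s := &STR{Root: root}
	if prev != nil {
		s.Epoch, s.PrevHash = prev.Epoch+1, prev.hash()
	}
	s.Sig = ed25519.Sign(priv, s.signedBytes())
	return s
}

// verifyHistory is the auditor side; key and initial STR hash are pinned.
func verifyHistory(key ed25519.PublicKey, pinned0 [32]byte, hist []*STR) error {
	if len(hist) == 0 || hist[0].hash() != pinned0 {
		return fmt.Errorf("history does not start at the pinned initial STR")
	}
	for i, s := range hist {
		if s.Epoch != uint64(i) || (i > 0 && s.PrevHash != hist[i-1].hash()) {
			return fmt.Errorf("hash chain broken at index %d", i)
		}
		if !ed25519.Verify(key, s.signedBytes(), s.Sig) {
			return fmt.Errorf("bad signature at epoch %d", s.Epoch)
		}
	}
	return nil
}
```

Because the key and the hash of `STR(0)` come from the auditor's own configuration rather than from the directory, a directory that serves a rewritten history or a different key fails the first check instead of being trusted on first contact.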