TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-01-07 16:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
tailscale/tka
History
Anton Tolchanov fd6686d81a tka: truncate long rotation signature chains 
When a rotation signature chain reaches a certain size, remove the
oldest rotation signature from the chain before wrapping it in a new
rotation signature.

Since all previous rotation signatures are signed by the same wrapping
pubkey (node's own tailnet lock key), the node can re-construct the
chain, re-signing previous rotation signatures. This will satisfy the
existing certificate validation logic.

Updates #13185

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2024-09-04 22:17:21 +01:00
..
aum_test.go
all: update copyright and license headers
2023-01-27 15:36:29 -08:00
aum.go
all: use new AppendEncode methods available in Go 1.22 (#11079)
2024-02-08 17:55:03 -08:00
builder_test.go
all: update copyright and license headers
2023-01-27 15:36:29 -08:00
builder.go
all: update copyright and license headers
2023-01-27 15:36:29 -08:00
chaintest_test.go
all: use Go 1.22 range-over-int
2024-04-16 15:32:38 -07:00
deeplink_test.go
tka: add function for generating signing deeplinks (#8385)
2023-06-20 09:36:37 -07:00
deeplink.go
tka: add function for generating signing deeplinks (#8385)
2023-06-20 09:36:37 -07:00
key_test.go
all: update copyright and license headers
2023-01-27 15:36:29 -08:00
key.go
tka: guard against key-length panics when verifying signatures
2023-07-19 15:33:01 -05:00
scenario_test.go
all: cleanup unused code, part 1 (#10661)
2023-12-20 14:50:30 -08:00
sig_test.go
tka: truncate long rotation signature chains
2024-09-04 22:17:21 +01:00
sig.go
tka: truncate long rotation signature chains
2024-09-04 22:17:21 +01:00
state_test.go
various: add golangci-lint, fix issues (#7905)
2023-04-17 18:38:24 -04:00
state.go
tka: clarify field comment
2023-11-27 18:35:33 -05:00
sync_test.go
all: update copyright and license headers
2023-01-27 15:36:29 -08:00
sync.go
all: use Go 1.22 range-over-int
2024-04-16 15:32:38 -07:00
tailchonk_test.go
tka: fix go vet complaint on copy of lock value in tailchonk_test.go (#8208)
2023-05-25 13:34:13 -07:00
tailchonk.go
all: use Go 1.22 range-over-int
2024-04-16 15:32:38 -07:00
tka_clone.go
cmd/tl-longchain: tool to re-sign nodes with long rotation signatures
2024-08-21 18:22:22 +01:00
tka_test.go
all: implement lock revoke-keys command
2023-08-01 15:37:55 -05:00
tka.go
ipn/ipnlocal: discard node keys that have been rotated out
2024-06-03 10:56:09 +01:00