Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

changes file and manpage entry for AuthDirPinKeys

Nick Mathewson 8 years ago
parent
01733e2b15
commit
51d18aeb42
2 changed files with 14 additions and 0 deletions
Split View Show Diff Stats
  1. 7 0
      changes/bug17135
  2. 7 0
      doc/tor.1.txt

+ 7 - 0
changes/bug17135
View File 

@@ -0,0 +1,7 @@
 
+  o Major features (Ed25519 keys, keypinning)
 
+    - The key-pinning option on directory authorities is now
 
+      advisory-only by default. In a future version, or when the
 
+      AuthDirPinKeys option is set, pins are enforced again.
 
+      Disabling key-pinning seemed like a good idea so that we can
 
+      survive the fallout of any usability problems associated with
 
+      ed25519 keys. Closes ticket 17135.

+ 7 - 0
doc/tor.1.txt
View File 

@@ -2081,6 +2081,13 @@ on the public Tor network.
 
     or more is always sufficient to satisfy the bandwidth requirement
 
     for the Guard flag. (Default: 250 KBytes)
 
 
+[[AuthDirPinKeys]] **AuthDirPinKeys** **0**|**1**::
 
+    Authoritative directories only. If non-zero, do not allow any relay to
 
+    publish a descriptor if any other relay has reserved its <Ed25519,RSA>
 
+    identity keypair. In all cases, Tor records every keypair it accepts
 
+    in a journal if it is new, or if it differs from the most recently
 
+    accepted pinning for one of the keys it contains. (Default: 0)
 
+
 
 [[BridgePassword]] **BridgePassword** __Password__::
 
     If set, contains an HTTP authenticator that tells a bridge authority to
 
     serve all requested bridge information. Used by the (only partially