mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 13:13:44 +01:00
Change the default of AuthDirPinKeys to 1.
Closes ticket 18319.
This commit is contained in:
parent
bd2a1d0231
commit
0dd48bfe5a
4
changes/ticket18319
Normal file
4
changes/ticket18319
Normal file
@ -0,0 +1,4 @@
|
||||
o Minor features (directory authority, security):
|
||||
- The default for AuthDirPinKeys is now 1: directory authorities will
|
||||
reject relays where the RSA identity key matches a previously seen
|
||||
value, but the Ed25519 key has changed. Closes ticket 18319.
|
@ -2265,7 +2265,7 @@ on the public Tor network.
|
||||
publish a descriptor if any other relay has reserved its <Ed25519,RSA>
|
||||
identity keypair. In all cases, Tor records every keypair it accepts
|
||||
in a journal if it is new, or if it differs from the most recently
|
||||
accepted pinning for one of the keys it contains. (Default: 0)
|
||||
accepted pinning for one of the keys it contains. (Default: 1)
|
||||
|
||||
[[AuthDirSharedRandomness]] **AuthDirSharedRandomness** **0**|**1**::
|
||||
Authoritative directories only. Switch for the shared random protocol.
|
||||
|
@ -211,7 +211,7 @@ static config_var_t option_vars_[] = {
|
||||
V(AuthDirInvalidCCs, CSV, ""),
|
||||
V(AuthDirFastGuarantee, MEMUNIT, "100 KB"),
|
||||
V(AuthDirGuardBWGuarantee, MEMUNIT, "2 MB"),
|
||||
V(AuthDirPinKeys, BOOL, "0"),
|
||||
V(AuthDirPinKeys, BOOL, "1"),
|
||||
V(AuthDirReject, LINELIST, NULL),
|
||||
V(AuthDirRejectCCs, CSV, ""),
|
||||
OBSOLETE("AuthDirRejectUnlisted"),
|
||||
|
Loading…
Reference in New Issue
Block a user