Document key-pinning-journal

Closes 22347
2024-09-20 13:06:20 +02:00 · 2017-06-16 14:26:21 -04:00 · 2017-06-16 14:26:21 -04:00 · a73d0fe9a8
commit a73d0fe9a8
parent 80ad374b84
2 changed files with 9 additions and 0 deletions
--- a/changes/bug22347
+++ b/changes/bug22347
@ -0,0 +1,2 @@
+  o Documentation:
+    - Add a manpage description for the key-pinning-journal file.
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@ -2741,6 +2741,13 @@ __DataDirectory__**/lock**::
    directory. If access to this file is locked, data directory is already
    in use by Tor.

+__DataDirectory__**/key-pinning-journal**::
+    Used by authorities. A line-based file that records mappings between
+    RSA1024 identity keys and Ed25519 identity keys. Authorities enforce
+    these mappings, so that once a relay has picked an Ed25519 key, stealing
+    or factoring the RSA1024 key will no longer let an attacker impersonate
+    the relay.
+
 __DataDirectory__**/keys/***::
    Only used by servers. Holds identity keys and onion keys.