tor/changes/feature15056

29 lines
1.6 KiB
Plaintext

o Major features (ed25519 identity keys):
- Relays now understand requests to extend to other relays
by their Ed25519 identity keys. When an Ed25519 identity key
is included in an EXTEND2 cell, the relay will only extend
the circuit if the other relay can prove ownership of that identity.
Implements part of ticket 15056; part of proposal 220.
- Clients now support including Ed25519 identity keys in the EXTEND2
cells they generate. By default, this is controlled by a consensus
parameter, currently disabled. You can turn this feature on for
testing by setting ExtendByEd25519ID in your configuration. This might
make your traffic appear different than the traffic generated by other
users, however.
Implements part of ticket 15056; part of proposal 220.
o Code simplification and refactoring:
- The code to generate and parse EXTEND and EXTEND2 cells has
been replaced with code automatically generated by the "trunnel"
utility.
- Remove data structures that were used to index or_connection objects by
their RSA identity digests. These structures are fully redundant with
the similar structures used in the channel abstraction.
o Minor features (directory authority):
- Add a new authority-only AuthDirTestEd25519LinkKeys option (on by
default) to control whether authorities should try to probe relays by
their Ed25519 link keys. This option will go away in a few
releases--unless we encounter major trouble in our ed25519 link
protocol rollout, in which case it will serve as a safety option.