r8977@Kushana: nickm | 2006-09-28 19:56:41 -0400

 Make "is a v1 authority", "is a v2 authority", and "is a hidden service authority" into separate flags so we can eventually migrate more trust away from moria.


svn:r8523

2 files changed, 19 insertions, 5 deletions

diff --git a/doc/TODO b/doc/TODO
index b3fe48b8a0..82c41af43a 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -35,13 +35,16 @@ x - If the client's clock is too far in the past, it will drop (or
       D The right thing here is to revamp our node selection implementation.
         (Deferred until oprofile says this matters.)
     o make it configurable, so people can turn it on or off.
+N - Test guard unreachable logic; make sure that we actually attempt to
+    connect to guards that we think are unreachable from time to time.
+    Make sure that we don't freak out when the network is down.
 N - Clients stop dumping old descriptors if the network-statuses
     claim they're still valid.
 R . If we fail to connect via an exit enclave, (warn and) try again
     without demanding that exit node.
     - And recognize when extending to the enclave node is failing,
       so we can abandon then too.
-N - We need a separate list of "hidserv authorities" if we want to
+  o We need a separate list of "hidserv authorities" if we want to
     retire moria1 from the main list.
 P - Figure out why dll's compiled in mingw don't work right in Winxp.
 P - Figure out why openssl 0.9.8c "make test" fails at sha256t test.
@@ -58,6 +61,12 @@ R   - Actually list all the events (notice and warn log messages are a good
 N   - Specify general event system
 R   - Specify actual events.
 
+N - Have (and document) a BEGIN_DIR relay cell that means "Connect to your
+    directory port."
+    - Specify
+    - Implement
+    - Use for something, so we can be sure it works.
+
 x - We should ship with a list of stable dir mirrors -- they're not
     trusted like the authorities, but they'll provide more robustness
     and diversity for bootstrapping clients.
diff --git a/doc/tor.1.in b/doc/tor.1.in
index c949ca92a8..1d03ba7d47 100644
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@@ -98,14 +98,19 @@ security. (Default: 0)
 Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
 .LP
 .TP
-\fBDirServer \fR[\fInickname\fR] [\fBv1\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
+\fBDirServer \fR[\fInickname\fR] [\fBflags\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
 Use a nonstandard authoritative directory server at the provided
 address and port, with the specified key fingerprint.  This option can
 be repeated many times, for multiple authoritative directory
-servers.  If the "v1" option is provided, Tor will use this server as an
+servers.  Flags are separated by spaces, and determine what kind of an
+authority this directory is.  By default, every authority is authoritative
+for current ("v2")-style directories, unless the "no-v2" flag is given.  If the "v1" flags is provided, Tor will use this server as an
 authority for old-style (v1) directories as well.  (Only directory mirrors
-care about this.) If no \fBdirserver\fP line is given, Tor will use the default
-directory servers: moria1, moria2, and tor26.  NOTE: this option is intended
+care about this.)  Tor will use this server as an authority for hidden
+service information if the "hs" flag is set, or if the "v1" flag is set and
+the "no-hs" flag is \fBnot\fP set.
+If no \fBdirserver\fP line is given, Tor will use the default
+directory servers.  NOTE: this option is intended
 for setting up a private Tor network with its own directory authorities.  If
 you use it, you will be distinguishable from other users, because you won't
 believe the same authorities they do.