Update the protocol versions recommendations to remove LinkAuth=1

LinkAuth method 1 is the one where we pull the TLS master secrets
out of the OpenSSL data structures and authenticate them with
RSA. Right now we list method 1 as required for clients and relays.
That's a problem, since we can't reasonably support it with NSS. So
let's remove it as a requirement and a recommendation.

As for method 3: I'd like to recommend it it, but that would make
0.2.9 start warning.  Let's not do that till at least some time
after 0.3.5 (the next LTS) is stable.

Closes ticket 27286

1 files changed, 4 insertions, 4 deletions

diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 08557a6a10..a1ccf03e91 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -3082,16 +3082,16 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key,
   /* These are hardwired, to avoid disaster. */
   v3_out->recommended_relay_protocols =
     tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 "
-               "Link=4 LinkAuth=1 Microdesc=1-2 Relay=2");
+               "Link=4 Microdesc=1-2 Relay=2");
   v3_out->recommended_client_protocols =
     tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 "
-               "Link=4 LinkAuth=1 Microdesc=1-2 Relay=2");
+               "Link=4 Microdesc=1-2 Relay=2");
   v3_out->required_client_protocols =
     tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 "
-               "Link=4 LinkAuth=1 Microdesc=1-2 Relay=2");
+               "Link=4 Microdesc=1-2 Relay=2");
   v3_out->required_relay_protocols =
     tor_strdup("Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 "
-               "Link=3-4 LinkAuth=1 Microdesc=1 Relay=1-2");
+               "Link=3-4 Microdesc=1 Relay=1-2");
 
   /* We are not allowed to vote to require anything we don't have. */
   tor_assert(protover_all_supported(v3_out->required_relay_protocols, NULL));