-rw-r--r-- changes/ticket18319 | 4
-rw-r--r-- doc/tor.1.txt | 2
-rw-r--r-- src/or/config.c | 2
3 files changed, 6 insertions, 2 deletions
diff --git a/changes/ticket18319 b/changes/ticket18319
new file mode 100644
index 0000000000..41c5b5641f
--- /dev/null
+++ b/changes/ticket18319
@@ -0,0 +1,4 @@
+ o Minor features (directory authority, security):
+ - The default for AuthDirPinKeys is now 1: directory authorities will
+ reject relays where the RSA identity key matches a previously seen
+ value, but the Ed25519 key has changed. Closes ticket 18319.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 46b10773bd..8c8922bc29 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2277,7 +2277,7 @@ on the public Tor network.
publish a descriptor if any other relay has reserved its <Ed25519,RSA>
identity keypair. In all cases, Tor records every keypair it accepts
in a journal if it is new, or if it differs from the most recently
- accepted pinning for one of the keys it contains. (Default: 0)
+ accepted pinning for one of the keys it contains. (Default: 1)
[[AuthDirSharedRandomness]] **AuthDirSharedRandomness** **0**|**1**::
Authoritative directories only. Switch for the shared random protocol.
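Review bot: the only change here is "(Default: 0)" to "(Default: 1)", which agrees with the config.c hunk, so the two stay consistent; the context lines show the option text is otherwise unchanged, so please double-check the opening sentences of the AuthDirPinKeys description above line 2277 (outside this hunk) do not still present key pinning as an opt-in feature, and consider noting in the description that an operator who needs the old behaviour must set the option to 0 explicitly.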
diff --git a/src/or/config.c b/src/or/config.c
index f885cbca3b..2c239a5e34 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -212,7 +212,7 @@ static config_var_t option_vars_[] = {
V(AuthDirInvalidCCs, CSV, ""),
V(AuthDirFastGuarantee, MEMUNIT, "100 KB"),
V(AuthDirGuardBWGuarantee, MEMUNIT, "2 MB"),
- V(AuthDirPinKeys, BOOL, "0"),
+ V(AuthDirPinKeys, BOOL, "1"),
V(AuthDirReject, LINELIST, NULL),
V(AuthDirRejectCCs, CSV, ""),
OBSOLETE("AuthDirRejectUnlisted"),
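Review bot: flipping the BOOL default in option_vars_ from "0" to "1" is the right single point of change and matches the documented default, but the diffstat shows no test touched; suggest adding or extending a config unit test that asserts AuthDirPinKeys parses to 1 when unset, so a later edit to this table cannot silently revert the pinning default on authorities.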