| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-09-23 | New AuthDirPinKeys option to enable/disable keypinning enforcement | Nick Mathewson | |
| Implements ticket #17135. We're going to need this one to avoid chaos as everybody figures out how ed25519 keys work. | |||
| 2015-05-28 | Tie key-pinning logic into directory authority operation | Nick Mathewson | |
| With this patch: * Authorities load the key-pinning log at startup. * Authorities open a key-pinning log for writing at startup. * Authorities reject any router with an ed25519 key where they have previously seen that ed25519 key with a different RSA key, or vice versa. * Authorities warn about, but *do not* reject, RSA-only descriptors when the RSA key has previously gone along with an Ed25519 key. (We should make this a 'reject' too, but we can't do that until we're sure there's no legit reason to downgrade to 0.2.5.) | |||
| 2015-05-28 | Key-pinning back-end for directory authorities. | Nick Mathewson | |
| This module implements a key-pinning mechanism to ensure that it's safe to use RSA keys as identitifers even as we migrate to Ed25519 keys. It remembers, for every Ed25519 key we've seen, what the associated Ed25519 key is. This way, if we see a different Ed25519 key with that RSA key, we'll know that there's a mismatch. We persist these entries to disk using a simple format, where each line has a base64-encoded RSA SHA1 hash, then a base64-endoded Ed25519 key. Empty lines, misformed lines, and lines beginning with a # are ignored. Lines beginning with @ are reserved for future extensions. | |||
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| summaryrefslogtreecommitdiff |