commit a73d0fe9a87df762474ee928ff9e6282e5e38430
parent 80ad374b8457e4c92f88f8a89376a8ca87231c9c
Author: Nick Mathewson <nickm@torproject.org>
Date: Fri, 16 Jun 2017 14:26:21 -0400
Document key-pinning-journal
Closes 22347
Diffstat:
2 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/changes/bug22347 b/changes/bug22347
@@ -0,0 +1,2 @@
+ o Documentation:
+ - Add a manpage description for the key-pinning-journal file.
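Review bot: The changes entry on the "+ - Add a manpage description for the key-pinning-journal file." line does not cite the ticket, even though the commit message says "Closes 22347" and the file is named bug22347. Consider ending the entry with "Closes ticket 22347." so the changelog line can be traced back to the ticket after the changes files are merged.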
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
@@ -2741,6 +2741,13 @@ __DataDirectory__**/lock**::
directory. If access to this file is locked, data directory is already
in use by Tor.
+__DataDirectory__**/key-pinning-journal**::
+ Used by authorities. A line-based file that records mappings between
+ RSA1024 identity keys and Ed25519 identity keys. Authorities enforce
+ these mappings, so that once a relay has picked an Ed25519 key, stealing
+ or factoring the RSA1024 key will no longer let an attacker impersonate
+ the relay.
+
__DataDirectory__**/keys/***::
Only used by servers. Holds identity keys and onion keys.
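Review bot: The new key-pinning-journal entry says authorities enforce the RSA1024-to-Ed25519 mappings but does not say what an operator should or should not do with the file. Since the text describes it as the record those mappings are enforced from, it is worth stating whether the file may be edited or removed by hand, and what losing it means for existing pins. "A line-based file" would also be more useful with a short description of what one line contains. Minor style point: the entry opens with "Used by authorities." while the adjacent keys/ entry uses "Only used by servers."; pick one form for consistency.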