commit 6c14f9076f80f7749543841d47a032d9a71bc6b6
Author: Roger Dingledine <a...@torproject.org>
Date:   Wed Mar 24 18:17:13 2021 -0400

    fix up the keypinning comments
---
 src/feature/dirauth/keypin.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/src/feature/dirauth/keypin.c b/src/feature/dirauth/keypin.c
index 40353d6b19..29aefd1069 100644
--- a/src/feature/dirauth/keypin.c
+++ b/src/feature/dirauth/keypin.c
@@ -58,18 +58,16 @@
  * with which Ed25519 keys, and force such associations to be permanent.
  *
  * This module implements a key-pinning mechanism to ensure that it's safe
- * to use RSA keys as identitifers even as we migrate to Ed25519 keys.  It
- * remembers, for every Ed25519 key we've seen, what the associated Ed25519
+ * to use RSA keys as identifiers even as we migrate to Ed25519 keys.  It
+ * remembers, for every Ed25519 key we've seen, what the associated RSA
  * key is.  This way, if we see a different Ed25519 key with that RSA key,
  * we'll know that there's a mismatch.
  *
- * (As of this writing, these key associations are advisory only, mostly
- * because some relay operators kept mishandling their Ed25519 keys during
- * the initial Ed25519 rollout.  We should fix this problem, and then toggle
- * the AuthDirPinKeys option.)
+ * As of Tor 0.3.0.2-alpha the AuthDirPinKeys option has been on, meaning
+ * we drop descriptors with mismatches.
  *
  * We persist these entries to disk using a simple format, where each line
- * has a base64-encoded RSA SHA1 hash, then a base64-endoded Ed25519 key.
+ * has a base64-encoded RSA SHA1 hash, then a base64-encoded Ed25519 key.
  * Empty lines, malformed lines, and lines beginning with # are
  * ignored. Lines beginning with @ are reserved for future extensions.
  *

_______________________________________________
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Reply via email to