Document key-pinning-journal

author Nick Mathewson <nickm@torproject.org>

Fri, 16 Jun 2017 18:26:21 +0000 (14:26 -0400)

committer Nick Mathewson <nickm@torproject.org>

Fri, 16 Jun 2017 18:26:50 +0000 (14:26 -0400)
author Nick Mathewson <nickm@torproject.org>
Fri, 16 Jun 2017 18:26:21 +0000 (14:26 -0400)
committer Nick Mathewson <nickm@torproject.org>
Fri, 16 Jun 2017 18:26:50 +0000 (14:26 -0400)
diff --git a/changes/bug22347 b/changes/bug22347

new file mode 100644 (file)

index 0000000..f294ba0
--- /dev/null
+++ b/changes/bug22347
@@ -0,0 +1,2 @@
+  o Documentation:
+    - Add a manpage description for the key-pinning-journal file.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt

index 5e0a71ca261f0b89f8602fbf641852ddecb9a31b..7544c03f973e0feb80a664263cdbaff989420780 100644 (file)
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2741,6 +2741,13 @@ __DataDirectory__**/lock**::
      directory. If access to this file is locked, data directory is already
      in use by Tor.
  
+__DataDirectory__**/key-pinning-journal**::
+    Used by authorities. A line-based file that records mappings between
+    RSA1024 identity keys and Ed25519 identity keys. Authorities enforce
+    these mappings, so that once a relay has picked an Ed25519 key, stealing
+    or factoring the RSA1024 key will no longer let an attacker impersonate
+    the relay.
+
  __DataDirectory__**/keys/***::
      Only used by servers. Holds identity keys and onion keys.
author	Nick Mathewson <nickm@torproject.org>
	Fri, 16 Jun 2017 18:26:21 +0000 (14:26 -0400)
committer	Nick Mathewson <nickm@torproject.org>
	Fri, 16 Jun 2017 18:26:50 +0000 (14:26 -0400)
changes/bug22347	[new file with mode: 0644]	patch \| blob
doc/tor.1.txt		patch \| blob \| blame \| history