commit 4a9f41e1eca32a8dbe53e1e4848e5f0d50c73731 Author: Nick Mathewson nickm@torproject.org Date: Thu May 28 11:40:20 2015 -0400
Bug 12498 needs a changes file. --- changes/bug12498 | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+)
diff --git a/changes/bug12498 b/changes/bug12498 new file mode 100644 index 0000000..9f0147c --- /dev/null +++ b/changes/bug12498 @@ -0,0 +1,29 @@ + o Major features (Ed25519 identity keys: #12498, Prop220): + - All relays now maintain a stronger identity key, using the + Ed25519 elliptic curve signature format. This master key is + designed so that it can be kept offline. Relays also generate + an online signing key, and a set of other Ed25519 keys and certificates. + These are all automatically regenerated and rotated as needed. + - Directory authorities track which Ed25519 identity keys have been + used with which RSA1024 identity keys, and do not allow them to vary + freely. + - Directory authorities now vote on Ed25519 identity keys along with + RSA1024 keys. + - Microdescriptors now include ed25519 identity keys. + + o Major features (onion key cross-certification): + - Relay descriptors now include signatures of the identity keys using + the TAP and ntor onion keys. This allows relays to prove ownership of + their own onion keys. Because of this change, microdescriptors no longer + need to include RSA identity keys. Implements proposal 228; + closes ticket 12499. + + o Code simplification and refactoring: + - The link authentication code has been refactored for better testability + and reliability. It now uses code generated with the "trunnel" + binary encoding generator, to reduce the risk of bugs due to + programmer error. Done as part of ticket 12498. + + o Testing: + - The link authentication protocol code now has extensive tests. + - The relay descriptor signature testing code now has extensive tests.