[tor-bugs] #17135 [Tor]: Disable key-pinning for a few months.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Sep 24 15:17:18 UTC 2015
#17135: Disable key-pinning for a few months.
------------------------+--------------------------------
Reporter: nickm | Owner: nickm
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
------------------------+--------------------------------
Comment (by karsten):
Took a quick look and didn't find any obvious flaws, though that doesn't
mean much because I'm not really into the implementation here. Two things
about the changes file and man page entry though:
- I think you mean "AuthDirPinKeys" in the changes file, not
"DirAuthPinKeys".
- The last sentence in the man page isn't entirely clear to me: "In all
cases, accepted keypairs are recorded." If that option is set to 0, does
that mean that all accepted keypairs ever submitted are recorded, or just
the latest mapping received? I think the latter, but I'm not sure how to
write that as a short, precise sentence.
Feel free to not count this review and ask somebody else to take a look
before merging.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17135#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list