Skip to content

GitLab

Trac
Trac

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed (moved)
Opened by teor@teor

tor-spec doesn't say how clients authenticate authorities or fallback directories

     In all handshake variants, once all certificates are exchanged, all
     parties receiving certificates must confirm that the identity key is as
     expected.  (When initiating a connection, the expected identity key is
-    the one given in the directory; when creating a connection because of an
+    when no reasonably live consensus is available: the one given in the hard-coded authority or fallback list;
+    when there is a reasonably live consensus: the one in the directory; when creating a connection because of an
     EXTEND cell, the expected identity key is the one given in the cell.)  If
     the key is not as expected, the party must close the connection.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information