Validate untrusted TLS certificates to ensure Exits aren't performing an attack
As described in https://gitweb.torproject.org/tor-browser-spec.git/tree/proposals/103-selfsigned-user-safety.txt - we can validate untrusted certificates via a separate circuit to ensure the exit node is not performing a TLS MITM attack on end users.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information