tor-netdoc: Validate inner certs in HsDesc (!1044) · Merge requests · The Tor Project / Core / Arti

Nick Mathewson requested to merge nickm/arti:hs_cert_inner_validation into main Mar 01, 2023

This makes our implementation behave the same as the C tor implementation, by validating all of the expiration and signatures on the certificates in the inner document.

(It is still not semantically necessary to check these certs: the document in which they appear is already signed by the key with which they are allegedly signed.)

Closes #744 (closed)

tor-netdoc: Validate inner certs in HsDesc

Merge request reports