diff options
Diffstat (limited to 'doc/dir-spec.txt')
| -rw-r--r-- | doc/dir-spec.txt | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/doc/dir-spec.txt b/doc/dir-spec.txt index 32e71f92f..0c349a515 100644 --- a/doc/dir-spec.txt +++ b/doc/dir-spec.txt @@ -106,8 +106,12 @@ Piece two: (optional) and not fingerprints, it also means that dirservers can rotate their signing keys transparently. - But, keeping track of the seed keys becomes a critical security issue; - and rotating them in a backward-compatible way adds complexity. + But, keeping track of the seed keys becomes a critical security issue. + And rotating them in a backward-compatible way adds complexity. Also, + dirserver locations must be at least somewhere static, since each lost + dirserver degrades reachability for old clients. So as the dirserver + list rolls over we have no choice but to put out new versions. + Piece three: (optional) |