[taler-docs] branch master updated: document offline options

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-docs] branch master updated: document offline options

From:	gnunet
Subject:	[taler-docs] branch master updated: document offline options
Date:	Thu, 24 Dec 2020 14:48:28 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new fe732cd  document offline options
     new 53878b8  Merge branch 'master' of git+ssh://git.taler.net/docs
fe732cd is described below

commit fe732cd38e1f2c0bc2ee8c2377cbfd95aff5167b
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Thu Dec 24 14:48:21 2020 +0100

    document offline options
---
 manpages/taler.conf.5.rst | 22 ++++++++++++++++++++++
 taler-auditor-manual.rst  |  8 ++++++++
 2 files changed, 30 insertions(+)

diff --git a/manpages/taler.conf.5.rst b/manpages/taler.conf.5.rst
index 66e9699..f6a192d 100644
--- a/manpages/taler.conf.5.rst
+++ b/manpages/taler.conf.5.rst
@@ -157,6 +157,28 @@ EXCHANGE OFFLINE SIGNING OPTIONS
 
 The following options must be in the section "[exchange-offline]".
 
+MASTER_PRIV_FILE
+  Where to store the offline private key of the exchange.
+  Mandatory.
+
+SECM_TOFU_FILE
+  Where to store the public keys of both crypto helper modules.
+  Used to persist the keys after the first invocation of the tool,
+  so that if they ever change in the future, this is detected and
+  the tool can abort.
+  Mandatory.
+
+SECM_DENOM_PUBKEY
+  Public key of the (RSA) crypto helper module. Optional. If not given,
+  we will rely on TOFU.  Note that once TOFU has been established,
+  this option will also be ignored.
+
+SECM_ESIGN_PUBKEY
+  Public key of the (EdDSA) crypto helper module. Optional. If not given,
+  we will rely on TOFU.  Note that once TOFU has been established,
+  this option will also be ignored.
+
+
 EXCHANGE RSA CRYPTO HELPER OPTIONS
 ------------------------------
 
diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst
index 3bab780..d81b7ce 100644
--- a/taler-auditor-manual.rst
+++ b/taler-auditor-manual.rst
@@ -699,6 +699,14 @@ Invariants checked by the taler-helper-auditor-coins
 This is from CodeBlau's analysis. A proper write-up is pending.
 CodeBlau reports the following checks:
 
+- check that all denominations used by the exchange have been signed using
+  this auditor's key. All denominations encountered in the database that
+  this auditor did not officially sign for are reported (but still included
+  in the audit as they obviously may impact the exchange's bank balance).
+  Depending on the business situation, this may be normal (say if an exchange
+  is changing auditors and newer denominations are no longer supported until
+  their end-of-life by the current auditor).
+
 - emergency on denomination over loss
 
   - value of coins deposited exceed value of coins issued

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-docs] branch master updated: document offline options, gnunet <=

Prev by Date: [libmicrohttpd] 01/02: examples: fixed wrong array initialisation
Next by Date: [taler-exchange] branch master updated: implement #6661: secm key pinning via configuration
Previous by thread: [libmicrohttpd] branch master updated (e8ee7c64 -> fb283746)
Next by thread: [taler-exchange] branch master updated: implement #6661: secm key pinning via configuration
Index(es):
- Date
- Thread