diff --git a/ChangeLog b/ChangeLog
index feab0f093..e7f8c81de 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,8 @@
 Changes in version 0.2.0.26-rc - 2008-05-??
+  o Major bugfixes:
+    - List authority signatures as "unrecognized" based on DirServer lines,
+      not on cert cache.
+
   o Minor features:
     - Add a new V3AuthUseLegacyKey option to make it easier for authorities
       to change their identity keys if they have to.
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index fec0c972d..f599c1a62 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -392,17 +392,18 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
   {
     if (!voter->good_signature && !voter->bad_signature && voter->signature) {
       /* we can try to check the signature. */
+      int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
+                                          voter->identity_digest) != NULL;
       authority_cert_t *cert =
         authority_cert_get_by_digests(voter->identity_digest,
                                       voter->signing_key_digest);
-      if (! cert) {
-        if (!trusteddirserver_get_by_v3_auth_digest(voter->identity_digest)) {
-          smartlist_add(unrecognized, voter);
-          ++n_unknown;
-        } else {
-          smartlist_add(need_certs_from, voter);
-          ++n_missing_key;
-        }
+      if (!is_v3_auth) {
+        smartlist_add(unrecognized, voter);
+        ++n_unknown;
+        continue;
+      } else if (!cert) {
+        smartlist_add(need_certs_from, voter);
+        ++n_missing_key;
         continue;
       }
       if (networkstatus_check_voter_signature(consensus, voter, cert) < 0) {