nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

r11911@catbus: nickm | 2007-02-24 02:51:37 -0500

Browse Source 
Clarify rules about certificates on incoming connections. Does it make more sense now?


svn:r9635
This commit is contained in:
Nick Mathewson 2007-02-24 07:54:47 +00:00
parent 50f22e858a
commit 38dcc368c4
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
doc/spec/tor-spec.txt
View File

@ -174,13 +174,12 @@ see tor-design.pdf.
EXTEND cell, the expected identity key is the one given in the cell.) If EXTEND cell, the expected identity key is the one given in the cell.) If
the key is not as expected, the party must close the connection. the key is not as expected, the party must close the connection.
All parties SHOULD reject connections to or from ORs that have malformed When connecting to an OR, all parties SHOULD reject the connection if that
or missing certificates. OR has a malformed or missing certificate. When accepting an incoming
[XXX How can we recognize that it's an OR if it's an incoming connection connection, an OR SHOULD NOT reject incoming connections from parties with
with malformed/missing certs? Should we change the above to just "to malformed or missing certificates. (However, an OR should not believe
ORs"? -RD] that an incoming connection is from another OR unless the certificates
ORs SHOULD NOT reject incoming connections from OPs with malformed are present and well-formed.)
or missing certificates.
[Before version 0.1.2.8-rc, ORs rejected incoming connections from ORs and [Before version 0.1.2.8-rc, ORs rejected incoming connections from ORs and
OPs alike if their certificates were missing or malformed.] OPs alike if their certificates were missing or malformed.]