mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 15:43:32 +01:00
r11911@catbus: nickm | 2007-02-24 02:51:37 -0500
Clarify rules about certificates on incoming connections. Does it make more sense now? svn:r9635
This commit is contained in:
parent
50f22e858a
commit
38dcc368c4
@ -174,13 +174,12 @@ see tor-design.pdf.
|
||||
EXTEND cell, the expected identity key is the one given in the cell.) If
|
||||
the key is not as expected, the party must close the connection.
|
||||
|
||||
All parties SHOULD reject connections to or from ORs that have malformed
|
||||
or missing certificates.
|
||||
[XXX How can we recognize that it's an OR if it's an incoming connection
|
||||
with malformed/missing certs? Should we change the above to just "to
|
||||
ORs"? -RD]
|
||||
ORs SHOULD NOT reject incoming connections from OPs with malformed
|
||||
or missing certificates.
|
||||
When connecting to an OR, all parties SHOULD reject the connection if that
|
||||
OR has a malformed or missing certificate. When accepting an incoming
|
||||
connection, an OR SHOULD NOT reject incoming connections from parties with
|
||||
malformed or missing certificates. (However, an OR should not believe
|
||||
that an incoming connection is from another OR unless the certificates
|
||||
are present and well-formed.)
|
||||
|
||||
[Before version 0.1.2.8-rc, ORs rejected incoming connections from ORs and
|
||||
OPs alike if their certificates were missing or malformed.]
|
||||
|
Loading…
Reference in New Issue
Block a user