author | Roger Dingledine <arma@torproject.org> | 2003-09-05 06:46:39 +0000 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2003-09-05 06:46:39 +0000 |
commit | 77dfd7826df05fda7ca4506216788ce135c69195 (patch) | |
tree | 45eebc55db3b2ddae1e758aba3eb27744f6210b0 /doc/tor-spec.txt | |
parent | 7a34cdf5eeace25e9787240c53ce1db38e2e08f6 (diff) | |
fill in a gap in the spec
svn:r427
Diffstat (limited to 'doc/tor-spec.txt')
-rw-r--r-- | doc/tor-spec.txt | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/doc/tor-spec.txt b/doc/tor-spec.txt index e9e56b10d..e19e7d09d 100644 --- a/doc/tor-spec.txt +++ b/doc/tor-spec.txt @@ -44,10 +44,10 @@ which reveals the downstream node. 2. Connections - There are two ways to connect to an OR. The first is as an onion - proxy (OP), which allows the OP to authenticate the OR without - authenticating itself. The second is as another OR, which allows - mutual authentication. + There are two ways to connect to an onion router (OR). The first is + as an onion proxy (OP), which allows the OP to authenticate the OR + without authenticating itself. The second is as another OR, which + allows mutual authentication. Tor uses TLS for link encryption, using the cipher suite "TLS_DHE_RSA_WITH_AES_128_CBC_SHA". An OR always sends a @@ -56,7 +56,7 @@ which reveals the downstream node. All parties receiving certificates must confirm that the public key is as it appears in the server directory, and close the - connection if it does not. + connection if it is not. Once a TLS connection is established, the two sides send cells (specified below) to one another. Cells are sent serially. All @@ -65,9 +65,10 @@ which reveals the downstream node. of TLS records should not leak information about the type or contents of the cells. - OR-to-OR connections are never deliberately closed. OP-to-OR - connections are closed when the OP has no more circuits running - over a connection, and an amount of time (????) has passed. + OR-to-OR connections are never deliberately closed. An OP should + close a connection to an OR if there are no circuits running over + the connection, and an amount of time (KeepalivePeriod, defaults to + 5 minutes) has passed. 3. Cell Packet format |
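Review bot: in the second hunk (@@ -56,7 +56,7), the reworded check "close the connection if it is not" still covers only a public key that differs from its server directory entry. It does not say what a party does when the peer presenting the certificate has no entry in the server directory at all. Suggest stating that case explicitly, for example "close the connection if it is not, or if no entry for the key is found", so that both cases fail closed.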
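Review bot: in the third hunk (@@ -65,9 +65,10), "an amount of time (KeepalivePeriod, defaults to 5 minutes) has passed" does not say what the interval is measured from (connection open, last circuit closed, or last cell sent), so implementations can disagree on when an idle OP-to-OR connection goes away. Suggest naming the starting event in the sentence. The move from "are closed" to "should close" also turns a statement of behaviour into a recommendation; say whether closing is required, and define KeepalivePeriod here or point to where it is defined, since these lines introduce the name without explanation.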