author | Nick Mathewson <nickm@torproject.org> | 2006-06-03 21:41:14 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2006-06-03 21:41:14 +0000 |
commit | c660a0f6a2875a8b9b612f28a7f752b3ca8eb5da (patch) | |
tree | 019d62051717340d6b63af87f512120f2f154b85 /doc | |
parent | 85a25c8a29e6d612ff33b75464363a51eea42e7b (diff) | |
download | tor-c660a0f6a2875a8b9b612f28a7f752b3ca8eb5da.tar tor-c660a0f6a2875a8b9b612f28a7f752b3ca8eb5da.tar.gz |
More DNS fixes. Send meaningful TTLs back to the client when
possible. Cache at the server side independently from the TTL, to
prevent attackers from probing the server to see who has been asking
for what hostnames. (Hi, Dan Kaminski!)
Also, clean some whitespace.
svn:r6526
Diffstat (limited to 'doc')
-rw-r--r-- | doc/tor-spec.txt | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/doc/tor-spec.txt b/doc/tor-spec.txt index 347397ce6..6a740bce7 100644 --- a/doc/tor-spec.txt +++ b/doc/tor-spec.txt @@ -571,7 +571,12 @@ when do we rotate which keys (tls, link, etc)? The IPv6 address to which the connection was made [16 octets] A number of seconds (TTL) for which the address may be cached [4 octets] [XXXX Versions of Tor before 0.1.1.6 ignore and do not generate the TTL - field. No version of Tor currently generates the IPv6 format.] + field. No version of Tor currently generates the IPv6 format. + + Tor servers before 0.1.2.0 set the TTL field to a fixed value. Later + versions set the TTL to the last value seen from a DNS server, and expire + their own cached entries after a fixed interval. This prevents certain + attacks.] The OP waits for a RELAY_CONNECTED cell before sending any data. Once a connection has been established, the OP and exit node |
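Review bot: the closing sentence of the added paragraph, "This prevents certain attacks.", does not name the attack, so a reader of tor-spec.txt cannot tell which property an implementation has to preserve. The commit message does name it: caching at the server side independently from the TTL, so that an attacker cannot probe the server to see who has been asking for what hostnames. Suggest putting that wording in the spec text itself. In the same paragraph, "a fixed value" and "a fixed interval" are left unquantified; give the numbers or point to where they are defined. The new text also sits inside the existing [XXXX ...] note, although it describes behaviour of released and later versions rather than an open question; consider moving it out of the bracketed note.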